CompTIA CySA+ (CS0-002) — Question 318

Which of the following are important reasons for performing proactive threat-hunting activities? (Choose two.)

Answer options

• A. To ensure all alerts are fully investigated
• B. To test incident response capabilities
• C. To uncover unknown threats
• D. To allow alerting rules to be more specific
• E. To create a new security baseline
• F. To improve user awareness about security threats

Correct answer: C, E

Explanation

The correct answers, C and E, highlight the necessity of discovering threats that are not yet known and the importance of establishing a new security baseline as part of proactive measures. The other options, while relevant to security practices, do not specifically address the proactive nature of threat hunting.