CompTIA CySA+ (CS0-002) — Question 328

An organization is required to be able to consume multiple threat feeds simultaneously and to provide actionable intelligence to various teams. The organization would also like to be able to leverage the intelligence to enrich security event data. Which of the following functions would most likely help the security analyst meet the organization’s requirements?

Answer options

• A. Vulnerability management
• B. Risk management
• C. Detection and monitoring
• D. Incident response

Correct answer: C

Explanation

Detection and monitoring is the correct answer as it allows for real-time analysis of threat feeds and aids in the enrichment of security event data. Vulnerability management, risk management, and incident response are important but do not directly address the requirement for simultaneous threat feed consumption and actionable intelligence delivery.