CompTIA CySA+ (CS0-003) — Question 112

A team of analysts is developing a new internal system that correlates information from a variety of sources, analyzes that information, and then triggers notifications according to company policy. Which of the following technologies was deployed?

Answer options

• A. SIEM
• B. SOAR
• C. IPS
• D. CERT

Correct answer: A

Explanation

The correct answer is SIEM, as it is designed to collect and analyze security data from across the organization, providing alerts when certain conditions are met. SOAR focuses more on automating response actions rather than data correlation and analysis, while IPS is primarily concerned with intrusion prevention. CERT is related to incident response and management but does not specifically handle the correlation of information as described.