CompTIA CySA+ (CS0-003) — Question 26

A managed security service provider is having difficulty retaining talent due to an increasing workload caused by a client doubling the number of devices connected to the network. Which of the following would best aid in decreasing the workload without increasing staff?

Answer options

• A. SIEM
• B. XDR
• C. SOAR
• D. EDR

Correct answer: C

Explanation

The correct answer is C, SOAR, as it automates security processes and responses, thereby reducing the workload on staff. SIEM (A) focuses on security information management but does not automate tasks effectively. XDR (B) integrates threat detection and response but may not alleviate workload as comprehensively as SOAR. EDR (D) primarily deals with endpoint detection and response, which does not address broader workload issues.