CompTIA CySA+ (CS0-003) — Question 393

The architecture team has been given a mandate to reduce the triage time of phishing incidents by 20%. Which of the following solutions will most likely help with this effort?

Answer options

• A. Integrate a SOAR platform.
• B. Increase the budget to the security awareness program.
• C. Implement an EDR tool.
• D. Create new correlation rules for the SIEM.

Correct answer: A

Explanation

Integrating a SOAR platform is the most effective way to automate and streamline the incident response process, which directly reduces triage time. Increasing the budget for the security awareness program does not address the immediate operational efficiency needed. Implementing an EDR tool enhances endpoint security but does not specifically target triage time. Creating new correlation rules for the SIEM could improve detection, but it won't necessarily expedite the triage process.