CompTIA Security+ (SY0-601) — Question 703

A security analyst is working on a project to implement a solution that monitors network communications and provides alerts when abnormal behavior is detected.
Which of the following is the security analyst MOST likely implementing?

Answer options

• A. Vulnerability scans
• B. User behavior analysis
• C. Security orchestration, automation, and response
• D. Threat hunting

Correct answer: B

Explanation

The correct answer is B, User behavior analysis, which focuses on monitoring patterns of user activity to identify anomalies. Options A, C, and D do not specifically target the analysis of user behavior and abnormal network communications, making them less relevant to the requirement of providing alerts for unusual activities.