Pre-Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

A security analyst is reviewing a SIEM and generates the following report: Later, the incident...

CompTIA CAS-005 Full Course Access
CompTIA CAS-005 View All Questions

A security analyst is reviewing a SIEM and generates the following report:

Later, the incident response team notices an attack was executed on the VM001 host. Which of the following should the security analyst do to enhance the alerting process on the SIEM platform?

A.

Include the EDR solution on the SIEM as a new log source.

B.

Perform a log correlation on the SIEM solution.

C.

Improve parsing of data on the SIEM.

D.

Create a new rule set to detect malware.

CAS-005 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now CAS-005 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
A company ' s help desk is experiencing a large number of calls from the...
A security architect is investigating instances of employees who had their phones stolen in public...
Previous