CompTIA CySA+ CS0-003 Practice Question

A security administrator at your organization has implemented a new system for tracking and managing privileged accounts, including setting up automated alerts for unusual activity. However, a recent review found that many alerts were being ignored. What is the most important action the security administrator should take to address this issue?

  • Ignore low-priority alerts and focus only on high-priority ones

  • Review and fine-tune the criteria for generating alerts to ensure they are meaningful and actionable.

  • Create additional alert types to ensure all types of unusual activities are captured

  • Consult a third-party auditor for recommendations on handling alerts

CompTIA CySA+ CS0-003
Security Operations
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Bash, the Crucial Exams Chat Bot
AI Bot