CompTIA CySA+ CS0-003 Practice Question
A security analyst is determining the best solution to enhance the security team's capability to quickly respond to and resolve alerts on a network with a high volume of security events. Which of the following options will BEST accomplish this objective?
Upgrading to a more advanced firewall to better control incoming and outgoing network traffic
Increasing the log retention period within the SIEM system to allow more data for manual incident investigation
Implementing a SOAR platform that automates incident response procedures and orchestrates security tasks across different tools
Deploying additional intrusion detection systems to increase the detection rate of security events