CompTIA CySA+ CS0-003 Practice Question

During a review of incident response protocols, you are evaluating methods for collecting indicators of compromise (IoCs) that could signal a data exfiltration attempt on a heterogeneous network containing a mix of legacy and modern systems. The goal is to ensure minimal performance impact while maintaining comprehensive surveillance. Which collection method would provide the best balance between low system overhead and effective capture of potential IoCs?

  • Enabling full packet capture on all network traffic

  • Configuring endpoint detection and response (EDR) on all systems

  • Deploying network-based anomaly detection systems on all network segments

  • Implementing a centralized logging solution with log correlation
