CompTIA Study Materials
AWS Study Materials
AWS Certified Developer Associate AWS Certified Developer Associate
AWS Certified Developer Associate DVA-C02
AWS Certified Solutions Architect Associate AWS Certified Solutions Architect Associate
AWS Certified Solutions Architect Associate SAA-C03
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

During a review of incident response protocols, you are evaluating methods for collecting indicators of compromise (IoCs) that could signal a data exfiltration attempt on a heterogeneous network containing a mix of legacy and modern systems. The goal is to ensure minimal performance impact while maintaining comprehensive surveillance. Which collection method would provide the best balance between low system overhead and effective capture of potential IoCs?

  • Implementing a centralized logging solution with log correlation

  • Deploying network-based anomaly detection systems on all network segments

  • Configuring endpoint detection and response (EDR) on all systems

  • Enabling full packet capture on all network traffic

This question is for objective:
Security Operations
Your Score:
Security Operations
Vulnerability Management
Incident Response and Management
Reporting and Communication