The architecture team has been given a mandate to reduce the triage time of phishing incidents by 20%. Which of the following solutions will most likely help with this effort?
A.
Integrate a SOAR platform.
B.
Increase the budget to the security awareness program.
C.
Implement an EDR tool.
D.
Install a button in the mail clients to report phishing.
Running automated playbooks to check for known malicious indicators.
Escalating real threats while dismissing false positives.
Why Not Other Options?
B (Increase security awareness) → Helps prevent phishing but does NOT reduce triage time.
C (Implement EDR) → EDR is useful for endpoint protection but does NOT specifically reduce phishing triage time.
D (Install a "Report Phishing" button) → Helps report phishing but does NOT automate the triage process.
[Reference: CompTIA CySA+ CS0-003, Chapter 7: "Security Operations and Automation," Section: "SOAR and Incident Response Efficiency", , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit