Cyber Monday Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

An organization recently acquired another company that is running a different EDR solution.

  1. Home
  2. CompTIA
  3. CompTIA CASP
  4. CAS-005
  5. CAS-005 Questions
  6. CompTIA SecurityX Certification Exam Practice Questions

An organization recently acquired another company that is running a different EDR solution. A SOC analyst wants to automate the isolation of endpoints that are found to be compromised. Which of the following workflows best mitigates the risk of false positives and reduces the spread of malicious code?

A.

Using a SOAR solution to look up entities via a TIP platform and isolate endpoints via APIs

B.

Setting a policy on each EDR management console to isolate all endpoints that trigger any alerts

C.

Reviewing all alerts manually in the various portals and taking action to isolate them

D.

Automating the suppression of all alerts that are not critical and sending an email asking SOC analysts to review these alerts

CompTIA CAS-005 View All Questions

CompTIA CAS-005 Summary

  • Vendor: CompTIA
  • Product: CAS-005
  • Update on: Dec 8, 2025
  • Questions: 326
Price: $52.5  $149.99
Buy Now CAS-005 PDF + Testing Engine Pack
Next
A compliance officer is reviewing the data sovereignty laws in several countries where the organization...
An external SaaS solution user reports a bug associated with the role-based access control module.
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 08 Dec 2025