A security solution uses a sandbox environment to execute zero-day software and collect indicators of compromise. Which of the following should the organization do to BEST take advantage of this solution?
A.
Develop an Nmap plug-in to detect the indicator of compromise.
B.
Update the organization's group policy.
C.
Include the signature in the vulnerability scanning tool.
D.
Deliver an updated threat signature throughout the EDR system.
The organization can take the following action to best take advantage of the security solution that uses a sandbox environment to execute zero-day software and collect indicators of compromise:
D. Deliver an updated threat signature throughout the EDR system.
When an organization uses a sandbox environment to execute zero-day software and collect indicators of compromise, it is essential to have an updated threat signature throughout the EDR (Endpoint Detection and Response) system. EDR systems help identify and remediate suspicious activities in the network environment. By delivering updated threat signatures, EDR systems can detect zero-day exploits that evade signature-based security solutions, such as antivirus, firewalls, and intrusion detection/prevention systems. Therefore, updating the threat signature throughout the EDR system is the best way to leverage the sandbox environment's benefits and prevent zero-day threats.
upvoted 8 times
...
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
p1s3c
Highly Voted 7 months, 2 weeks ago