CS0-003
Security Operations
hard
Question 4 of 37

A SOC team is overwhelmed with low-fidelity alerts and wants to reduce analyst fatigue while maintaining detection coverage. Which process improvement strategy most directly addresses this?

A. Tuning SIEM correlation rules and implementing alert prioritization
B. Purchasing additional SIEM licenses to handle more events per second
C. Increasing the number of tier-1 analysts
D. Disabling detection rules that generate the most alerts

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor.
