Exam CAS-005 Topic 1 Question 40 Discussion
Actual exam question for CompTIA's CAS-005 exam
Question #: 40
Topic #: 1
Question #: 40
Topic #: 1
A company wants to invest in research capabilities with the goal to operationalize the research output. Which of the following is the best option for a security architect to recommend?
Suggested Answer: B Vote an answer
Investing in a threat intelligence platform is the best option for a company looking to operationalize research output. A threat intelligence platform helps in collecting, processing, and analyzing threat data to provide actionable insights. These platforms integrate data from various sources, including dark web monitoring, honeypots, and other security tools, to offer a comprehensive view of the threat landscape.
Why a Threat Intelligence Platform?
* Data Integration: It consolidates data from multiple sources, including dark web monitoring and honeypots, making it easier to analyze and derive actionable insights.
* Actionable Insights: Provides real-time alerts and reports on potential threats, helping the organization take proactive measures.
* Operational Efficiency: Streamlines the process of threat detection and response, allowing the security team to focus on critical issues.
* Research and Development: Facilitates the operationalization of research output by providing a platform for continuous monitoring and analysis of emerging threats.
Other options, while valuable, do not offer the same level of integration and operationalization capabilities:
* A. Dark web monitoring: Useful for specific threat intelligence but lacks comprehensive operationalization.
* C. Honeypots: Effective for detecting and analyzing specific attack vectors but not for broader threat intelligence.
* D. Continuous adversary emulation: Important for testing defenses but not for integrating and operationalizing threat intelligence.
References:
* CompTIA SecurityX Study Guide
* "Threat Intelligence Platforms," Gartner Research
* NIST Special Publication 800-150, "Guide to Cyber Threat Information Sharing"
Why a Threat Intelligence Platform?
* Data Integration: It consolidates data from multiple sources, including dark web monitoring and honeypots, making it easier to analyze and derive actionable insights.
* Actionable Insights: Provides real-time alerts and reports on potential threats, helping the organization take proactive measures.
* Operational Efficiency: Streamlines the process of threat detection and response, allowing the security team to focus on critical issues.
* Research and Development: Facilitates the operationalization of research output by providing a platform for continuous monitoring and analysis of emerging threats.
Other options, while valuable, do not offer the same level of integration and operationalization capabilities:
* A. Dark web monitoring: Useful for specific threat intelligence but lacks comprehensive operationalization.
* C. Honeypots: Effective for detecting and analyzing specific attack vectors but not for broader threat intelligence.
* D. Continuous adversary emulation: Important for testing defenses but not for integrating and operationalizing threat intelligence.
References:
* CompTIA SecurityX Study Guide
* "Threat Intelligence Platforms," Gartner Research
* NIST Special Publication 800-150, "Guide to Cyber Threat Information Sharing"
by Frederica at Jul 05, 2025, 07:29 AM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).