A security engineer is investigating a compromise that occurred between two internal computers. The engineer has determined during the investigation that one computer infected another. While reviewing the IDS logs, the engineer can view the outbound callback traffic, but sees no traffic between the two computers. Which of the following would BEST address the IDS visibility gap? A. Install network taps at the edge of the network. B. Send syslog from the IDS into the SIEM. C. Install HIDS on each computer. D. SPAN traffic form the network core into the IDS. Â Suggested Answer: C Community Answer: D This question is in CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam For getting CompTIA Advanced Security Practitioner (CASP+) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by CompTIA. Trademarks, certification & product names are used for reference only and belong to CompTIA. The website does not contain actual questions and answers from CompTIA's Certification Exams.
Please login or Register to submit your answer
