A security operations manager wants to build out an internal threat-hunting capability. Which of the following should be the first priority when creating a threat-hunting program?

A. Establishing a hypothesis about which threats are targeting which systems

B. Profiling common threat actors and activities to create a list of IOCs

C. Ensuring logs are sent to a centralized location with search and filtering capabilities

D. Identifying critical assets that will be used to establish targets for threat-hunting activities








 

Suggested Answer: D

Community Answer: D



This question is in CS0-002 CompTIA Cybersecurity Analyst (CySA+) Exam
For getting CompTIA Cybersecurity Analyst (CySA+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.