SY0-701 Question #842: Real Exam Question with Answer & Explanation

The correct answer is A: Create playbooks as part of a SOAR platform. By automating the triage and handling of routine or known-false alerts through SOAR playbooks, you filter out those false positives before they reach an analyst, significantly reducing manual review workload.

Submitted by hassan_iq · Mar 6, 2026 · Security Operations

Question

Which of the following actions would reduce the number of false positives for an analyst to manually review?

Options

  • A. Create playbooks as part of a SOAR platform.
  • B. Redefine the patch management process.
  • C. Replace an EDR tool with an XDR solution.
  • D. Disable AV heuristics scanning.

Explanation

By automating the triage and handling of routine or known-false alerts through SOAR playbooks, you filter out those false positives before they reach an analyst, significantly reducing manual review workload.
