You work as a SOC analyst. Which option is an element of the security architecture that might report on beaconing activity between an infected host and a botnet command-and-control server?
- sandbox
- vulnerability scan
- IPS
- external router with firewall configured
Explanation & Hint:
The element of the security architecture that might report on beaconing activity between an infected host and a botnet command-and-control server is an Intrusion Prevention System (IPS). An IPS is designed to monitor network traffic for malicious activity, including communication patterns between infected hosts and known command-and-control servers. When it detects beaconing or suspicious traffic, it can generate alerts or block the communication, providing a layer of defense against botnet activity and other network-based threats.