CompTIA Security+ Question F-61

A security administrator is investigating a recent server breach. The breach occurred as a result of a zero-day attack against a user program running on the server. Which of the following logs should the administrator search for information regarding the breach?

A. Application log
B. Setup log
C. Authentication log
D. System log

Answer: A