CompTIA Security+ Question J-13

Which of the following types of logs could provide clues that someone has been attempting to compromise the SQL Server database?

A. Event
B. SQL_LOG
C. Security
D. Access

Answer: A

Explanation:
Event logs include Application logs, such as those where SQL Server would write entries. This is where you would see logs with details of someone trying to access a SQL database.

CompTIA Security+ Question F-61

A security administrator is investigating a recent server breach. The breach occurred as a result of a zero-day attack against a user program running on the server. Which of the following logs should the administrator search for information regarding the breach?

A. Application log
B. Setup log
C. Authentication log
D. System log

Answer: A