CompTIA exam questions
After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs. Which of the following systems should be used?
A. Event log
B. Syslog
C. SIEM
D. SNMP
It has been determined by network operations that there is a severe bottleneck on the company’s mesh topology network. The field technician has chosen to use log management and found that one router is making routing decisions slower than others on the network. This is an example of which of the following?
A. Network device power issues
B. Network device CPU issues
C. Storage area network issues
D. Delayed responses from RADIUS
While monitoring the network, a technician notices that the network traffic to one of the servers is extremely high. Which of the following should the technician use to verify if this is a concern?
A. Log management
B. Network diagram
C. Network baseline
D. Real time monitor