Exam SY0-701 Topic 1 Question 31 Discussion
Actual exam question for CompTIA's SY0-701 exam
Question #: 31
Topic #: 1
Question #: 31
Topic #: 1
A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee's corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation.
Which of the following logs should the analyst use as a data source?
Which of the following logs should the analyst use as a data source?
Suggested Answer: A Vote an answer
by Noah at Jul 19, 2024, 11:54 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).