4.Question 4Fill in the blank: _____ is the process of examining logs to identify events of interest. 1 pointLog fileLoggingLog forwarderLog analysis

Fill in the blank: _____ is the process of examining logs to identify events of interest. 1 分LoggingLog analysisLog fileLog forwarder

1.Question 1Which of the following refers to a record of events that occur within an organization’s systems?1 pointLog forwarderLog sourcesOccurrencesLogs

Question 1Which of the following statements correctly describe logs? Select three answers.1 pointConnections between devices and services on a network are recorded in a firewall log.Outbound requests to the internet from within a network are recorded in a firewall log.Actions such as login requests are recorded in a server log.Security teams monitor logs to identify vulnerabilities and potential data breaches.

1.Question 1What is the primary purpose of logs during incident investigation?1 pointTo improve user experienceTo manage alert volumesTo provide a record of event detailsTo identify and diagnose system issues2.Question 2A security analyst wants to determine whether a suspicious login was successful. Which log type would be most useful for this purpose?1 pointAuthenticationNetworkSystem Firewall3.Question 3In the following log, what action does the log entry record?[ALLOW: wikipedia.org] Source: 192.167.1.1 Friday, 10 June 2022 11:36:121 point192.167.1.1SourceALLOWFriday, 10 June 2022 11:36:124.Question 4Fill in the blank: _____ is the process of examining logs to identify events of interest. 1 pointLog analysisLoggingLog forwarderLog file

Which of the following statements correctly describe logs? Select three answers.1 pointActions such as username requests are recorded in a network log.A record of connections between devices and services on a network is part of a network log.SIEM tools rely on logs to monitor systems and detect security threats.A record of events related to employee logins and username requests is part of a server log.2.Question 2