ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 129 discussion

Actual exam question from CompTIA's CS0-003
Question #: 129
Topic #: 1
[All CS0-003 Questions]

Security analysts review logs on multiple servers on a daily basis. Which of the following implementations will give the best central visibility into the events occurring throughout the corporate environment without logging in to the servers individually?

  • A. Deploy a database to aggregate the logging
  • B. Configure the servers to forward logs to a SIEM
  • C. Share the log directory on each server to allow local access.
  • D. Automate the emailing of logs to the analysts.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by kmordalv at Sept. 1, 2023, 12:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
kmordalv
Highly Voted 1 year, 2 months ago
Selected Answer: B
Correct Configuring the servers to forward logs to a SIEM is the most effective way to achieve central visibility into events occurring throughout the corporate environment without having to log in to each server individually
upvoted 11 times
...
Nishaw
Highly Voted 7 months ago
Selected Answer: B
By configuring the servers to forward logs to a SIEM, security analysts can centrally collect and analyze log data from multiple servers without the need to log in to each server individually. This provides a centralized view of the events occurring throughout the corporate environment, allowing analysts to more easily detect and respond to security incidents. Deploying a database to aggregate logging could be part of a logging solution but does not provide the same level of centralized visibility as a SIEM. Sharing log directories or automating the emailing of logs would require manual effort and would not provide the same level of centralized visibility and analysis capabilities as a SIEM.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago