CertNexus Certified Cyber Secure Coder (CSC) — Question 69

An incident response team is concerned with verifying the integrity of security information and event management (SIEM) events after being written to disk. Which of the following represents the BEST option for addressing this concern?

Answer options

• A. Time synchronization
• B. Log hashing
• C. Source validation
• D. Field name consistency

Correct answer: A

Explanation

Time synchronization is crucial for ensuring that timestamps in SIEM events are accurate and consistent, which helps in verifying the sequence of events during an incident. Log hashing, while it ensures log integrity, does not address the timing aspect, and source validation and field name consistency do not directly impact the integrity of the logged events over time.