CompTIA DataX (CNX-001) — Question 15
An organization has centralized logging capability at the on-premises data center and wants a solution that can consolidate logging from deployed cloud workloads. The organization would like to automate the detection and alerting mechanism. Which of the following best meets the requirements?
Answer options
- A. IDS/IPS
- B. SIEM
- C. Data lake
- D. Syslog
Correct answer: B
Explanation
The best choice is SIEM, which is designed to aggregate logs from many sources, including cloud workloads, and provides automated detection and alerting. IDS/IPS systems focus on intrusion detection and prevention rather than log consolidation. Data lakes store and support analysis of large data sets but do not provide the automated alerting the scenario requires. Syslog is a protocol for sending logs and lacks the comprehensive functionality of a SIEM solution.