CompTIA DataX (CNX-001) — Question 41
A network security administrator needs to set up a solution to:
- Gather all data from log files in a single location.
- Correlate the data to generate alerts.
Which of the following should the administrator implement?
Answer options
- A. Syslog
- B. Event log monitoring
- C. Log management
- D. SIEM
Correct answer: D
Explanation
The correct answer is D, SIEM, because it is designed specifically to collect log data in one place and analyze it to generate security alerts. Syslog (A) and Event log monitoring (B) gather logs, but they do not provide the correlation and alerting capabilities that a SIEM offers. Log management (C) focuses on storage and retention rather than real-time analysis and alerting.