CompTIA CySA+ (CS0-001) — Question 112

A technician is running an intensive vulnerability scan to detect which ports are open to exploit. During the scan, several network services are disabled and production is affected. Which of the following sources would be used to evaluate which network service was interrupted?

Answer options

• A. Syslog
• B. Network mapping
• C. Firewall logs
• D. NIDS

Correct answer: A

Explanation

The Syslog is a logging system that records system messages, including those related to service status, making it useful for identifying which services were interrupted during the scan. Network mapping does not provide real-time service status, while firewall logs focus on traffic rather than service interruptions. NIDS detects intrusions but does not log service status directly.