CompTIA CySA+ (CS0-003) — Question 107
Which of the following is often used to keep the number of alerts to a manageable level when establishing a process to track and analyze violations?
Answer options
- A. Log retention
- B. Log rotation
- C. Maximum log size
- D. Threshold value
Correct answer: D
Explanation
The correct answer is D, as setting a threshold value helps to limit the number of alerts generated by violations, making them more manageable. Options A, B, and C relate to log management but do not directly address the control of alert volume.