CompTIA CySA+ (CS0-003) — Question 214

An organization plans to use an advanced machine-learning tool as a central collection server. The tool will perform data aggregation and analysis. Which of the following should the organization implement?

Answer options

Correct answer: A

Explanation

The correct answer is A, SIEM, because it integrates data collection, aggregation, and analysis, making it ideal for advanced machine-learning functionality. Firewalls (B) primarily focus on network security, while a syslog server (C) is used for log management without advanced analysis capabilities. Flow analysis (D) is about monitoring network traffic rather than aggregating and analyzing diverse data sets.