CompTIA Network+ (N10-006) — Question 55

After a recent breach, the security technician decides the company needs to analyze and aggregate its security logs.
Which of the following systems should be used?

Answer options

Correct answer: C

Explanation

The correct answer is C (SIEM), because it provides comprehensive capabilities for collecting, analyzing, and correlating security log data from various sources. Options A (Event log) and B (Syslog) are useful for logging but do not offer the advanced analysis and aggregation features found in a SIEM. Option D (SNMP) is primarily used for network management and monitoring, not for log aggregation.