CompTIA Network+ (N10-009) — Question 477

A company experienced a breach and wants to implement preventive measures. The network administrator is looking for a tool that can collect, analyze, and quickly correlate known attacks. Which of the following software tools can accomplish this task?

Answer options

• A. Syslog collector
• B. SIEM
• C. Packet capture
• D. SNMP traps

Correct answer: B

Explanation

The correct choice is B, SIEM, as it is designed to collect and analyze security data from various sources to identify and correlate potential threats. Options A, C, and D do not provide the comprehensive analysis and correlation capabilities that SIEM offers; a Syslog collector merely gathers logs, packet capture captures data packets without analysis, and SNMP traps are used for network monitoring rather than security event correlation.