CompTIA Server+ (SK0-005) — Question 10
Which of the following tools will analyze network logs in real time to report on suspicious log events?
Answer options
- A. Syslog
- B. DLP
- C. SIEM
- D. HIPS
Correct answer: C
Explanation
The correct answer is SIEM (security information and event management), because it is designed specifically to analyze log data in real time for security events. Syslog is primarily a logging protocol, DLP focuses on data loss prevention, and HIPS (a host-based intrusion prevention system) is used for intrusion prevention, not log analysis.