CompTIA Security+ (SY0-701) — Question 141
Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?
Answer options
- A. SIEM
- B. DLP
- C. IDS
- D. SNMP
Correct answer: A
Explanation
SIEM (Security Information and Event Management) is designed to collect and analyze logs from diverse sources, which makes it the correct answer. The other options do not centralize log data in the same way: DLP (Data Loss Prevention) focuses on preventing data breaches, IDS (Intrusion Detection System) monitors network traffic for suspicious activity, and SNMP (Simple Network Management Protocol) is used for network management.