CompTIA Security+ (SY0-701) — Question 370

Which of the following strategies should an organization use to efficiently manage and analyze multiple types of logs?

Answer options

• A. Deploy a SIEM solution
• B. Create custom scripts to aggregate and analyze logs.
• C. Implement EDR technology.
• D. Install a unified threat management appliance.

Correct answer: A

Explanation

A SIEM solution is specifically designed to collect, analyze, and manage logs from various sources, making it the most efficient choice. Custom scripts may require extensive maintenance and may not scale well, while EDR technology focuses on endpoint protection rather than log management. A unified threat management appliance typically integrates security features but is not primarily aimed at log analysis.