CompTIA Security+ (SY0-701) — Question 412
A security team at a large, global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?
Answer options
- A. Packet capture
- B. Endpoint logs
- C. OS security logs
- D. Vulnerability scan
Correct answer: A
Explanation
Packet capture data is often voluminous and can be expensive to store long-term, and it provides little additional investigative value after a certain period. In contrast, endpoint logs, OS security logs, and vulnerability scans tend to hold more ongoing relevance for security audits and compliance, which justifies their longer retention.