Certified SOC Analyst (CSA) — Question 25

Which of the log storage method arranges event logs in the form of a circular buffer?

Answer options

• A. FIFO
• B. LIFO
• C. non-wrapping
• D. wrapping

Correct answer: D

Explanation

The correct answer is D, wrapping, because this method allows the circular buffer to overwrite the oldest logs when it reaches its capacity. Options A (FIFO) and B (LIFO) describe linear storage methods that do not utilize a circular structure, while C (non-wrapping) also does not support the cyclical nature of log storage.