Certified SOC Analyst (CSA) — Question 51

Identify the event severity level in Windows logs for the events that are not necessarily significant, but may indicate a possible future problem.

Answer options

• A. Failure Audit
• B. Warning
• C. Error
• D. Information

Correct answer: B

Explanation

The correct answer is B, Warning, as it indicates potential issues that might need attention in the future. A Failure Audit and Error are more serious and signify actual failures or significant problems, while Information is used for routine operations that do not indicate issues.