Certified SOC Analyst (CSA) — Question 56

In which log collection mechanism, the system or application sends log records either on the local disk or over the network.

Answer options

• A. rule-based
• B. pull-based
• C. push-based
• D. signature-based

Correct answer: C

Explanation

The correct answer is C, push-based, because this method actively sends logs to a specified destination. In contrast, pull-based (B) requires a separate process to retrieve the logs, while rule-based (A) and signature-based (D) do not pertain directly to the method of log transmission.