Certified Information Systems Security Professional (CISSP) — Question 184

Which type of log collection is focused on detecting and responding to attacks, malware infection, and data theft?

Answer options

• A. Intrusion detection
• B. Operational
• C. Security
• D. Compliance

Correct answer: C

Explanation

The correct answer is C, as security log collection is explicitly designed to monitor for and respond to security incidents such as attacks and data theft. Options A, B, and D do not primarily focus on detecting security threats; intrusion detection systems monitor for breaches, operational logs track system performance, and compliance logs ensure regulatory adherence.