Log Management — CompTIA Security+ (SY0-701) Practice Questions
Log management covers the collection, storage, normalization, retention, and protection of log data generated by systems, applications, and network devices. On the SY0-701 exam, candidates must understand why logs are critical for detecting attacks, supporting incident investigations, and satisfying compliance requirements such as PCI DSS and HIPAA audit trails. Topics include log aggregation architectures, syslog protocols, log integrity controls to prevent tampering, and appropriate retention periods. Poor log management can leave an organization unable to detect a breach or reconstruct a timeline during forensic analysis.
Free questions on log management
What is the purpose of a Security Information and Event Management (SIEM) system?
Free question · easy · full answer + explanation
More log management questions in the full bank
- An organization implements a SIEM solution. What is the primary function of a SIEM? Unlock answer & explanation →
- A SIEM system collects and analyzes which type of data? Unlock answer & explanation →