CompTIA

CAS-003 Question #693: Real Exam Question with Answer & Explanation

Enterprise Security Operations

Question

Following the merger of two large companies, the newly combined security team is overwhelmed by the volume of logs flowing from the IT systems. The company's data retention schedule complicates the issue by requiring detailed logs to be collected and available for months. Which of the following designs BEST meets the company's security and retention requirement?

Options

  • A. Forward logs to both a SIEM and a cheaper longer-term storage and then delete logs from the
  • B. Reduce the log volume by disabling logging of routine maintenance activities or failed
  • C. Send logs to a SIEM that correlates security data and store only the alerts and relevant data
  • D. Maintain both companies' logging and SIEM solutions separately but merge the resulting alerts

Topics

#SIEM #log management #data retention #security operations