CompTIA
CAS-003 · Question #794
CAS-003 Question #794: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #794. The question stem and answer options stay visible for context.
Question
Ann, a CIRT member, is conducting incident response activities on a network that consists of several hundred virtual servers and thousands of endpoints and users. The network generates more than 10,000 log messages per second. The enterprise belong to a large, web-based cryptocurrency startup, Ann has distilled the relevant information into an easily digestible report for executive management . However, she still needs to collect evidence of the intrusion that caused the incident. Which of the following should Ann use to gather the required information?
Options
- ATraffic interceptor log analysis
- BLog reduction and visualization tools
- CProof of work analysis
- DLedger analysis software
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.