CISSP Question #188: Real Exam Question with Answer & Explanation

The correct answer is B: Forensics and incident response. Retaining system logs for six months or longer can be valuable for forensics and incident response activities. System logs are records of events that occur on a system, such as user actions, system errors, security alerts, network traffic, etc. System logs can provide useful evid

Submitted by manish99· Mar 5, 2026Security Operations

Question

Retaining system logs for six months or longer can be valuable for what activities?

Options

ADisaster recovery and business continuity
BForensics and incident response
CIdentity and authorization management
DPhysical and logical access control

Explanation

Retaining system logs for six months or longer can be valuable for forensics and incident response activities. System logs are records of events that occur on a system, such as user actions, system errors, security alerts, network traffic, etc. System logs can provide useful evidence and information for investigating and analyzing security incidents, such as the source, scope, impact, and timeline of the incident, as well as the potential vulnerabilities, threats, and attackers involved. System logs can also help with incident recovery and remediation, as well as with improving security controls and policies

Topics

#Log management#Incident response#Digital forensics

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions