nerdexam
(ISC)2

CISSP · Question #963

Which type of log collection is focused on detecting and responding to attacks, malware infection, and data theft?

The correct answer is C. Security. Security log collection is specifically designed to monitor and detect threats such as attacks, malware infections, and data theft. It focuses on identifying malicious activity and enabling incident response.

Submitted by andres_qro· Mar 5, 2026Security Operations

Question

Which type of log collection is focused on detecting and responding to attacks, malware infection, and data theft?

Options

  • AIntrusion detection
  • BOperational
  • CSecurity
  • DCompliance

How the community answered

(33 responses)
  • A
    3% (1)
  • C
    94% (31)
  • D
    3% (1)

Why each option

Security log collection is specifically designed to monitor and detect threats such as attacks, malware infections, and data theft. It focuses on identifying malicious activity and enabling incident response.

AIntrusion detection

Intrusion detection is a security control mechanism (IDS/IPS), not a category of log collection; it is a tool that may consume security logs rather than a log collection type itself.

BOperational

Operational log collection focuses on system health, performance, uptime, and availability-not on detecting or responding to security threats like malware or data theft.

CSecurityCorrect

Security log collection is purpose-built to capture events related to cyber threats, including intrusion attempts, malware activity, and unauthorized data access. It provides the visibility needed for security operations teams to detect, investigate, and respond to incidents. This type of logging feeds into SIEM systems and SOC workflows focused on threat detection and response.

DCompliance

Compliance log collection is oriented toward meeting regulatory requirements and audit trails (e.g., PCI-DSS, HIPAA), not specifically on detecting attacks or malicious activity in real time.

Concept tested: Security log collection purpose and threat detection focus

Source: https://learn.microsoft.com/en-us/azure/sentinel/connect-data-sources

Topics

#Log management#Security logging#Threat detection#Incident response

Community Discussion

No community discussion yet for this question.

Full CISSP Practice