CompTIA
SY0-701 · Question #1
SY0-701 Question #1: Real Exam Question with Answer & Explanation
Sign in or unlock SY0-701 to reveal the answer and full explanation for question #1. The question stem and answer options stay visible for context.
Submitted by salim_om· Mar 6, 2026Security Operations
Question
A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee's corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?
Options
- AApplication
- BIPS/IDS
- CNetwork
- DEndpoint
Unlock SY0-701 to see the answer
You've previewed enough free SY0-701 questions. Unlock SY0-701 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.