SY0-701 · Question #739
SY0-701 Question #739: Real Exam Question with Answer & Explanation
The correct answer is B: Firewall. A firewall log records inbound and outbound network traffic, including source and destination IP addresses, port numbers, and connection attempts. Since port scans involve probing various ports on a network, the firewall logs will provide visibility into the attacker's source IP
Question
A security analyst notices an increase in port scans on the edge of the corporate network. Which of the following logs should the analyst check to obtain the attacker's source IP address?
Options
- AOS security
- BFirewall
- CApplication
- DEndpoint
Explanation
A firewall log records inbound and outbound network traffic, including source and destination IP addresses, port numbers, and connection attempts. Since port scans involve probing various ports on a network, the firewall logs will provide visibility into the attacker's source IP address and help the analyst assess the nature of the scanning activity.
Community Discussion
No community discussion yet for this question.