A company is facing multiple suspicious incidents against a sensitive server. They have logs from vulnerability scans, third-party systems, and a hosted environment. They want one approach that helps them understand how these attacks keep succeeding. Which method best unifies the data for thorough review?
Collect logs from multiple sources in a unified repository and apply cross-referencing with intelligence data
Analyze logs from the hosted environment first and incorporate external data sources later
Review data sources individually and integrate findings afterwards
Use vulnerability scans to guide analysis efforts as part of a broader review
Consolidating logs in one place and applying consistent analysis uncovers critical details that isolated processes often miss. Narrowing the focus to a single source or separating data streams can overlook key indicators attackers exploit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it beneficial to collect logs from multiple sources in a unified repository?
Open an interactive chat with Bash
What is cross-referencing with intelligence data, and how does it help in threat analysis?
Open an interactive chat with Bash
What challenges can occur when analyzing logs from separate data sources individually?