A company is facing multiple suspicious incidents against a sensitive server. They have logs from vulnerability scans, third-party systems, and a hosted environment. They want one approach that helps them understand how these attacks keep succeeding. Which method best unifies the data for thorough review?
Analyze logs from the hosted environment first and incorporate external data sources later
Collect logs from multiple sources in a unified repository and apply cross-referencing with intelligence data
Use vulnerability scans to guide analysis efforts as part of a broader review
Review data sources individually and integrate findings afterwards
Consolidating logs in one place and applying consistent analysis uncovers critical details that isolated processes often miss. Narrowing the focus to a single source or separating data streams can overlook key indicators attackers exploit.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to consolidate logs in a unified repository?
Open an interactive chat with Bash
What is cross-referencing with intelligence data in the context of log analysis?
Open an interactive chat with Bash
Why is focusing on a single source or reviewing data separately less effective?