CompTIA Security+ SY0-701 Practice Question

A security analyst is reviewing the logs from an intrusion detection system (IDS) and needs to correlate these logs with network traffic to understand the scope of a suspected breach. Which of the following will provide the MOST useful information for correlating the time of the suspicious IDS alerts with the network traffic captured?

User account changes logged in the authentication server records
Traffic flow metadata collected from network devices such as switches and routers
Application error messages captured by the system's event logs
Device configuration settings from the network management system

CompTIA Security+ SY0-701

Security Operations

Your Score:

SAVE $49

CompTIA Security+ Voucher (SY0-701)

$404.00 $355.00

Bash, the Crucial Exams Chat Bot

AI Bot

CompTIA Security+ SY0-701 Practice Question

Answer Description

Ask Bash

What is Traffic Flow Metadata?

How do IDS and network traffic correlation help in security analysis?

What roles do switches and routers play in collecting traffic flow metadata?

Monthly

$14.99

billed monthly
(cancel any time)

3 Month Pass

$34.99

One time purchase
Does not auto-renew.

Annual Pass

$59.99 $41.99

One time purchase
Does not auto-renew.

Lifetime Pass

$119.99 $83.99

One time purchase
Good for life.

All Exams

Unlimited Tests

Unlimited Questions

AI Tutor

Track scores

Report Cards

Voucher Discounts

Advanced PBQs

Included Exams

CompTIA Security+ SY0-701 Practice Question

Report Issue

Answer Description

Ask Bash

What is Traffic Flow Metadata?

How do IDS and network traffic correlation help in security analysis?

What roles do switches and routers play in collecting traffic flow metadata?

Report Issue