CompTIA Security+ SY0-701 Practice Question
An organization wishes to scrutinize network traffic to detect anomalies, like substantial data transfers during off-peak hours. Which solution is most fitting for generating insights into such network traffic behaviors?
Simple Network Management Protocol (SNMP) traps, a protocol used for managing network equipment and handling event notifications
Antivirus software, designed to detect, prevent, and remove malware
NetFlow, a network protocol for collecting IP traffic information and monitoring network flow
Security Information and Event Management (SIEM) solution, a comprehensive approach to security management that aggregates and analyzes security events