Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.

Exam CISSP topic 1 question 407 discussion

Actual exam question from ISC's CISSP
Question #: 407
Topic #: 1
[All CISSP Questions]

Which type of log collection is focused on detecting and responding to attacks, malware infection, and data theft?

  • A. Intrusion detection
  • B. Operational
  • C. Security
  • D. Compliance
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Chris
16 hours, 43 minutes ago
Selected Answer: C
The CISSP Official Study Guide states that security logs are specifically used to record access to resources and can help detect malicious activities such as unauthorized access and data theft. These logs are essential for identifying and responding to security incidents​​. Therefore, the correct answer is: C. Security This information is found on pages 835-836 of the study guide​
upvoted 1 times
...
safri
4 weeks ago
Selected Answer: C
I would go with D because of data theft. The threat can already be inside your network and would not be detected in intrusion detection. Also security is broader
upvoted 1 times
...
CCNPWILL
1 month ago
Selected Answer: A
Language keywords suggest answer is A and not C. but sure C can, it is a broad answer. answer broadly or answer what is asked? I will go with A.
upvoted 1 times
...
hoho2000
3 months, 3 weeks ago
Selected Answer: D
Should be D. IDS dont response to attack short of issuing an alert or email. In this context I would say the question is asking for stopping the attack since they added in malwares etc words
upvoted 1 times
...
GeenHersens
4 months, 2 weeks ago
Selected Answer: A
Answer C is too broad. The question contains "focused" and IDS detects and responds to "attacks, malware infection, and data theft".
upvoted 1 times
...
pete79
4 months, 4 weeks ago
Selected Answer: C
C contains A
upvoted 2 times
...
GuardianAngel
5 months ago
SOAR collects security logs and can respond and "security logs" can include system, security, router, firewall, EDR and other logs. I would say C. Security logs is correct. ID can be either just detection or it can be detection and response, but it doesn't cover malware infection, and data theft as well as a SOAR can.
upvoted 1 times
...
gjimenezf
5 months, 1 week ago
Selected Answer: A
IDS is the best, Security is limited
upvoted 1 times
...
GPrep
6 months ago
Selected Answer: A
I'm going with A. Security logs are just that, logs, they won't react in any way. While IPS is a better solution on the network, IDS CAN respond - see pg 414 of the CISSP Study guide - "Until your browser and/or host-based intrusion detection system (HIDS) can detect and respond to push lockers, the only response is to close/terminate the browser and not return to the same URL. Host-based CAN respond in some way.
upvoted 3 times
...
YesPlease
6 months, 2 weeks ago
Selected Answer: A
Answer A) IDS Keywords in question, "detecting and responding". Only IDS can do this from the list provided.
upvoted 1 times
...
babaseun
1 year, 2 months ago
Selected Answer: C
How will Intrusion detection detect data theft?
upvoted 2 times
jackdryan
1 year, 1 month ago
C is correct
upvoted 1 times
...
...
[Removed]
1 year, 3 months ago
Selected Answer: C
I would go for C here. I think IDS logs are too narrow of a concept for data theft and malware. Security seems a broader concept that covers it all.
upvoted 1 times
...
Goseu
1 year, 3 months ago
Selected Answer: C
The type of log collection that is focused on detecting and responding to attacks, malware infection, and data theft is Security log collection. ChatGPT
upvoted 1 times
...
Delab202
1 year, 3 months ago
Selected Answer: C
Security log collection is focused on detecting and responding to attacks, malware infection, and data theft. Security log collection involves the monitoring and analysis of various system and application logs to identify security-related events, such as failed login attempts, changes to system configurations, and network activity. This type of log collection is critical for identifying and responding to security incidents, such as cyber attacks, malware infections, and data theft.
upvoted 1 times
...
sausageman
1 year, 3 months ago
Selected Answer: A
Definitely A. https://resources.infosecinstitute.com/certification/logging-monitoring-need-know-cissp/#:~:text=An%20overview%20of%20log%20file&text=Some%20popular%20examples%20of%20log,prevention%20system%20(IPS)%20logs.
upvoted 1 times
...
liledag
1 year, 3 months ago
The type of log collection that is focused on detecting and responding to attacks, malware infection, and data theft is Security log collection. Therefore, option C, Security, is the correct answer. Intrusion detection log collection is a type of security log collection that focuses specifically on detecting and preventing unauthorized access to a network or system. Operational log collection, on the other hand, is focused on monitoring the performance and availability of IT infrastructure, such as servers, applications, and network devices. Compliance log collection involves collecting and retaining logs to meet regulatory requirements and industry standards, such as PCI DSS, HIPAA, and GDPR. While all three types of log collection are important, security log collection is the most critical for detecting and responding to security incidents and threats.
upvoted 2 times
...
Bodatiousbob
1 year, 4 months ago
Selected Answer: A
I agree with A, IDS can detect and respond to all those provided scenarios. While they cannot "prevent", they can still inform/respond by sending alerts. Page 820 of the CISSP 9th edition official study guide.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
ex Want to SAVE BIG on Certification Exam Prep?
close
ex Unlock All Exams with ExamTopics Pro 75% Off
  • arrow Choose From 1000+ Exams
  • arrow Access to 10 Exams per Month
  • arrow PDF Format Available
  • arrow Inline Discussions
  • arrow No Captcha/Robot Checks
Limited Time Offer
Ends in