Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Certnexus Discussions
exam questions

Exam CFR-310 All Questions

View all questions & answers for the CFR-310 exam
Go to Exam

Exam CFR-310 topic 1 question 69 discussion

Actual exam question from CertNexus's CFR-310
Question #: 69
Topic #: 1
[All CFR-310 Questions]

Which of the following is the GREATEST risk of having security information and event management (SIEM) collect computer names with older log entries?

  • A. There may be duplicate computer names on the network.
  • B. The computer name may not be admissible evidence in court.
  • C. Domain Name System (DNS) records may have changed since the log was created.
  • D. There may be field name duplication when combining log files.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 044f354 at Sept. 28, 2024, 10:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
044f354
1 month, 3 weeks ago
Selected Answer: C
C. Domain Name System (DNS) records may have changed since the log was created. The GREATEST risk of having a SIEM collect computer names with older log entries is that DNS records may have changed over time. This means that the computer name associated with an older log entry might no longer resolve to the same IP address, leading to difficulties in accurately identifying which system generated the event at the time it occurred. Here’s a breakdown of the other options: A. Duplicate computer names: While possible, most modern networks use unique identifiers (like GUIDs or IP addresses) to distinguish systems, so this is less of a risk. B. Admissibility in court: The primary concern here would be the integrity of the logs and chain of custody, not the specific inclusion of a computer name. D. Field name duplication: This is more of a log parsing or storage issue rather than a significant risk in network security or forensics.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel