For those who are saying "Retention " = retention is something which we define as a date or week or month or year for saving logs or any other kind of data . after the defined period, the data will be overwritten . lets take CCTV data storage as an example. if we are configuring the storage settings for 1 moth , it will only keep 1 month of recent video footage , the old footages will be overwritten . Ans is D
Log retention prevents to logs to be overwritten. If retention time is to short than preservation will not help because it keeps overwritten and not completer. Other advantage. It is easier and cheaper.
A: is my answer
From OSG:
16. Gavin is considering altering his organization’s 'log retention' policy to delete logs at the end of each day. What is the most important reason that he should avoid this approach?
A. An incident may not be discovered for several days and valuable evidence could be lost.
The organization’s policies and procedures should also address the preservation of original logs. Many organizations send copies of network traffic logs to centralized devices, as well as use tools that analyze and interpret network traffic. So D is correct.
The correct answer is A
The answer that best ensures old log data is not overwritten is log retention, option A.
Log retention policies and procedures specifically preserve and archive logs for compliance and analysis needs, preventing them from being purged or overwritten.
Syslog may provide centralized logging but does not itself retain old logs.
Increasing log file size allows storing more events but does not guarantee retaining old data.
While log preservation is close, log retention is the most precise term for maintaining archives of old log data.
i have to go with A. Log retention.
Log retention refers to the practice of storing log data for a specified period of time. It ensures that old log data is not overwritten or deleted, allowing for historical analysis, forensic investigations, compliance requirements, and detection of security incidents. By defining and implementing log retention policies, organizations can establish guidelines for how long log data should be retained based on regulatory requirements, business needs, and security considerations. This helps in preserving log data for future reference and maintaining a comprehensive audit trail of system activities.
this is why ?
Increasing the log file size does not ensure that old log data is not overwritten. It simply allows for a larger storage capacity for log data. However, once the log file reaches its maximum size, new log entries may still overwrite the oldest entries.
On the other hand, log retention is a specific practice of preserving log data for a specified period of time, ensuring that it is not overwritten or deleted. This allows for the availability of historical logs for analysis, compliance, and security purposes. Therefore, log retention is the appropriate answer to ensure that old log data is not overwritten.
A. Log retention
Log retention is the practice of keeping log data for a certain period of time. It ensures that old log data is not overwritten, and it can be used for analysis, troubleshooting, and compliance purposes. The retention period can be set according to the organization's needs, and it can be defined as a number of days, weeks, or months.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
DERCHEF2009
Highly Voted 2 years, 3 months agojackdryan
1 year, 7 months agoCoolwater
Highly Voted 2 years, 2 months agonuggetbutts
Most Recent 1 month, 2 weeks agoBietchasup
4 weeks, 1 day agosomsom
1 month, 3 weeks agodeeden
4 months, 3 weeks agoMP26
8 months, 1 week agojohn_boogieman
9 months agoKyanka
9 months, 3 weeks agoHongjun
9 months, 4 weeks agoInclusiveSTEAM
1 year, 2 months agoLalithW
1 year, 2 months agogeorgegeorge125487
1 year, 4 months agoMShaaban
1 year, 4 months agojanvandermerwer
1 year, 5 months agoBach1968
1 year, 5 months agoBach1968
1 year, 5 months agoDee83
1 year, 11 months ago