Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCCC Topic 7 Question 60 Discussion

Actual exam question for GIAC's GCCC exam
Question #: 60
Topic #: 7
[All GCCC Questions]

Why is it important to enable event log storage on a system immediately after it is installed?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Lemuel at Sep 15, 2024, 04:38 AM

Limited Time Offer

25%

Off

Get Premium GCCC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Alecia
3 months ago
I'd say B is the way to go. Separate the normal from the abnormal - that's the key to incident response.
upvoted 0 times
...
Xenia
3 months ago
Haha, C? That's like comparing apples to oranges. Event logs are for security, not performance.
upvoted 0 times
...
Angelo
3 months ago
D is the one. Identifying rootkits is the top priority when setting up a new system.
upvoted 0 times
Dahlia
2 months ago
D) To identify root kits included on the system out of the box
upvoted 0 times
...
Truman
2 months ago
D) To identify root kits included on the system out of the box
upvoted 0 times
...
Magda
2 months ago
B) To create the ability to separate abnormal behavior from normal behavior during an incident
upvoted 0 times
...
Ammie
3 months ago
A) To allow system to be restored to a known good state if it is compromised
upvoted 0 times
...
Nan
3 months ago
B) To create the ability to separate abnormal behavior from normal behavior during an incident
upvoted 0 times
...
Lewis
3 months ago
A) To allow system to be restored to a known good state if it is compromised
upvoted 0 times
...
...
Jeannetta
3 months ago
I'd go with A. Restoring the system to a known good state is the best way to handle a compromise.
upvoted 0 times
Arlie
3 months ago
A and B both seem like important reasons to enable event log storage immediately.
upvoted 0 times
...
Arlie
3 months ago
I think B is also important, separating abnormal behavior can help in identifying incidents.
upvoted 0 times
...
Arlie
3 months ago
I agree, restoring to a known good state is crucial in case of a compromise.
upvoted 0 times
...
...
Niesha
4 months ago
I think enabling event log storage is crucial for security purposes, so I would go with option A as well.
upvoted 0 times
...
Wilda
4 months ago
Definitely B. Logging events is crucial to detect and investigate any suspicious activity on the system.
upvoted 0 times
Tonette
3 months ago
Definitely B. Logging events is crucial to detect and investigate any suspicious activity on the system.
upvoted 0 times
...
Cathern
3 months ago
B) To create the ability to separate abnormal behavior from normal behavior during an incident
upvoted 0 times
...
Matt
4 months ago
A) To allow system to be restored to a known good state if it is compromised
upvoted 0 times
...
...
Alayna
4 months ago
B) To create the ability to separate abnormal behavior from normal behavior during an incident
upvoted 0 times
...
Flo
4 months ago
A) To allow system to be restored to a known good state if it is compromised
upvoted 0 times
...

Save Cancel