Learn how XDR provides a holistic view of enterprise activity, making it a crucial tool in identifying and responding to security threats.
Question
A laptop that is company-owned and managed is suspected to have malware. The company implemented centralized security logging. Which of the following log sources will confirm the malware infection?
A. XDR logs
B. Firewall logs
C. IDS logs
D. MFA logs
Answer
A. XDR logs
Explanation
Extended Detection and Response (XDR) is a security product that combines multiple protection technologies into a single platform. XDR collects and automatically correlates data across multiple security layers – email, endpoint, server, cloud workloads, and network – so threats can be detected faster and security incidents can be responded to more efficiently.
XDR provides a holistic view of the activity across the enterprise, making it easier to identify malicious activity. If a laptop is suspected to have malware, XDR logs would be the most comprehensive source of information to confirm the malware infection.
CompTIA CS0-003 certification exam practice question and answer (Q&A) with detailed explanation and reference, available free to help you pass the CompTIA CS0-003 exam and earn the CompTIA CS0-003 certification.