Chapter 22

Using Data Sources to Support an Investigation

This chapter covers the following topics related to Objective 4.9 (Given a scenario, use data sources to support an investigation) of the CompTIA Security+ SY0-701 certification exam:

This chapter explores the various types of data sources that can be leveraged to support a cybersecurity investigation. It outlines the importance and utility of different kinds of log data, such as firewall logs, application logs, endpoint logs, and more. The chapter also explores other critical data sources, such as vulnerability scans, automated reports, dashboards, and packet captures. Each of these elements plays a vital role in painting a comprehensive picture during an investigation, ...
