CertNexus Exam CFR-410 Topic 7 Question 33 Discussion

Actual exam question for CertNexus's CFR-410 exam

Question #: 33
Topic #: 7

[All CFR-410 Questions]

A security administrator needs to review events from different systems located worldwide. Which of the

following is MOST important to ensure that logs can be effectively correlated?

ALogs should be synchronized to their local time zone.

BLogs should be synchronized to a common, predefined time source.

CLogs should contain the username of the user performing the action.

DLogs should include the physical location of the action performed.

Show Suggested Answer

Suggested Answer: A, B

by Kristin at Apr 30, 2024, 01:42 PM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Franchesca

3 days ago

Haha, Jacquline's got a point there. Maybe they should just use 'Swatch Internet Time' to keep it really simple. That way, we can all just show up to the exam in our bathing suits and not worry about time zones at all!

upvoted 0 times

...

Jacquline

4 days ago

B all the way, baby! Synchronizing to a common time source is the key. Although, I do wonder if the time source should be in Greenwich Mean Time or Zulu time... Decisions, decisions.

upvoted 0 times

...

Nina

8 days ago

Hmm, I was leaning towards D at first, but then I realized that the physical location doesn't really matter if the timestamps are all over the place. B is definitely the best option to ensure proper log correlation.

upvoted 0 times

...

Natalie

9 days ago

I agree, B is the way to go. Trying to keep track of time zones for every system would just give me a headache. Plus, what if one of the systems is off by a few minutes? Total chaos.

upvoted 0 times

...

Maryln

16 days ago

I see both points, but I think option C is also important. Having the username in the logs can help track down any suspicious activity.

upvoted 0 times

...

Dorothea

18 days ago

B) Logs should be synchronized to a common, predefined time source seems like the obvious choice here. How else are you going to correlate events across different systems? Trying to match up local time zones would be a nightmare.

upvoted 0 times

Cassandra

2 days ago

A: I agree, having logs synchronized to a common time source would make correlation much easier.

upvoted 0 times

...

Alexia

18 days ago

I disagree, I believe option A is crucial. Synchronizing logs to their local time zone is essential for proper analysis.

upvoted 0 times

...

Chauncey

21 days ago

I think option B is the most important. It will help in correlating events accurately.

upvoted 0 times

...