Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which tool did Ray use to gather logs from various sources for threat investigation?

  1. GFI LanGuard

  2. SecPod SanerNow

  3. Software Vulnerability Manager

  4. Solarwinds Security Event Manager

The correct answer is: Solarwinds Security Event Manager

Ray used Solarwinds Security Event Manager to gather logs from various sources for threat investigation because this tool is specifically designed for centralized log management and security information and event management (SIEM). Solarwinds Security Event Manager provides capabilities such as log aggregation, real-time event correlation, and detailed reporting, which are essential for analyzing security incidents and uncovering potential threats within an organization's network. By employing this tool, Ray would be able to collect and analyze log data from various systems, enabling a comprehensive investigation of security events. The ability to correlate logs from different sources helps in identifying patterns that may indicate malicious activity, thereby supporting more effective incident response strategies. The other options mentioned, while useful in their respective domains, do not primarily focus on the aggregation and analysis of logs for threat investigation in the same way that Solarwinds Security Event Manager does.