Which of the following is least likely to be a primary blue team logging source?

Multiple Choice

Which of the following is least likely to be a primary blue team logging source?

Explanation:
The main idea is to focus on logging sources that provide direct, actionable visibility into security events across the environment. Endpoints with EDR give you detailed, real-time insight into what programs run, what files change, and suspicious behavior on individual machines. Firewalls capture the traffic that enters and leaves the network, showing what was allowed or blocked and helping you spot anomalous patterns at the perimeter. Web proxies also log web activity and can reveal risky browsing or data exfiltration attempts, which is valuable for security monitoring.

Mobile game analytics, however, are typically telemetry aimed at developers for engagement, performance, and user behavior within a game. They’re not designed to reflect the organization's security posture or incidents, and they generally don’t map to enterprise threat signals. While web proxy data is useful, its coverage and relevance can be less universal across diverse environments (due to TLS encryption, direct internet access, or cloud-based access methods), making it less of a reliable primary source in some contexts compared to endpoints and firewalls. For these reasons, web proxies are considered the least likely to be a primary blue team logging source in this set.
