What are two reasons the responder should analyze the information using Syslog?

An Incident Responder wants to create a timeline for a recent incident using Syslog in addition to ATP for the After Actions Report.

What are two reasons the responder should analyze the information using Syslog? (Choose two.)
A . To have less raw data to analyze
B . To evaluate the data, including information from other systems
C . To access expanded historical data
D . To determine what policy settings to modify in the Symantec Endpoint Protection Manager (SEPM)
E . To determine the best cleanup method

Answer: BE

Latest 250-441 Dumps Valid Version with 70 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>