Which statement about log management is true?

The correct answer highlights an important distinction between the types of data relevant to IT Security and IT Operations. The source log data indeed differs for these two areas due to their distinct focus and objectives.

For IT Operations, logs typically consist of performance metrics, server logs, application logs, and system events that provide visibility into the infrastructure and operational performance. This helps in monitoring system health, troubleshooting issues, and ensuring optimal resource management.

On the other hand, IT Security focuses on logs generated from security devices (such as firewalls and intrusion detection systems), user access logs, and application activity logs that help detect and respond to security incidents. These logs are essential for identifying vulnerabilities, tracking potential breaches, and maintaining compliance with regulations.

The variation in log sources reinforces the necessity for tailored log management strategies and tools for each discipline, ensuring that both security and operational needs are effectively met.