CYBER.ORG: AP Cybersecurity – Lesson 4.9.1 – Logs | Networking and Cybersecurity with Mister Marmolejo

Objective:

Students will be able to analyze how logs can be used to support an investigation.

Standards:

CompTIA Security+ SYO-701 Objective:

4.9 – Given a scenario, use data sources to support an investigation

Log data
- Firewall logs
- Application logs
- Endpoint logs
- OS-specific security logs
- IPS/IDS logs
- Network logs
- Metadata
Data sources
- Vulnerability scans
- Automated reports
- Dashboards
- Packet captures

Guiding Question:

How can logs be used to support an investigation?

Resources:

Lesson 4.8.1 – Incident Response.pptx Presentation available on Google Classroom

Assignment:

Read the Lesson 4.9.1 – Logs.pptx presentation in today’s class.
Complete the Unit 3 – Logs Check for Understanding activity using the materials provided in Google Classroom.
Complete the Lab – Metadata.pptx Activity in class using the materials provided in Google Classroom.
To confirm completion the lab activity, upload a screenshot displaying the metadata displayed when using exiftool on the target image file to today’s Google Classroom post.

Assigned: January 13th, 2026
Teacher Pacing Due Date: January 14th, 2026

It's dangerous to go alone!