medium
Single Answer

Jill wants to identify a potential network-based distributed denial-of-service (DDoS) attack. Which of the following log sources is most likely to provide information that will allow her to identify the attack?

Answer Options

A

OS-specific security logs

B

Endpoint logs

C

IDS/IPS logs

D

Authentication logs

Correct Answer: C

Explanation

IDS and IPS devices are the only network security devices in this list. Other common logs used to identify potential DDoS attacks include network logs and firewall logs. Application and web server logs may be useful if the DDoS is associated with an application. OS-specific security logs, endpoint logs, and authentication logs are not typical places to find useful information for a network-based DDoS attack.