No Result
View All Result
IT Quesion Library
Contribute
No Result
View All Result
No Result
View All Result

A security analyst in a SOC has been tasked with onboarding a new network into the SIEM. Which of the following BEST describes the information that should feed into a SIEM solution in order to adequately support an investigation?

QuestionsCategory: SY0-601A security analyst in a SOC has been tasked with onboarding a new network into the SIEM. Which of the following BEST describes the information that should feed into a SIEM solution in order to adequately support an investigation?
0 Vote Up Vote Down
Admin Staff asked 1 year ago 
A security analyst in a SOC has been tasked with onboarding a new network into the SIEM. Which of the following BEST describes the information that should feed into a SIEM solution in order to adequately support an investigation?

A. Logs from each device type and security layer to provide correlation of events

B. Only firewall logs since that is where attackers will most likely try to breach the network

C. Email and web-browsing logs because user behavior is often the cause of security breaches

D. NetFlow because it is much more reliable to analyze than syslog and will be exportable from every device B





 

Correct Answer: A

This question is in SY0-601 exam
For getting CompTIA Security+ certificate

Next Post

Cisco IOS Popular Commands

101 Practice Test Free

101-500 Practice Test Free

Related Questions

Recommended

No Result
View All Result

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In