- What elements would you typically expect to make up a SIEM environment?
- Client, server, agent
- Archive, cloud processor, contribution network
- Central processing node, sensors, database/logging
- Agents, sensors, logging, reporting, Central processing node
- How can SIEM directly support enhanced security services?
- By increasing the integrity of event messages
- By overlaying additional contextual information using authentication messages. This will achieve a correlated view of authentication
- By improving the overall availability of a processing environment
- By increasing the confidentiality of event messages
- When considering the budget of a SIEM service, what are the components that should be considered?
- Monitoring agents and ...