An information security manager is fine tuning a Security Information and Event Management ( SIEM ) system in a company that has recently reported a series of unauthorized account access attempts The manager wants to ensure prompt detection of similar incidents for immediate investigation Which approach should the manager consider to optimize the system s alerting capability A Enabling the SIEM system to send an alert for every received threat intelligence feed B Setting the SIEM system to generate an alert for every single user login failure C Configuring the SIEM system to alert when multiple login failures for the same account occur within a specified time period D Arranging the SIEM system to archive all historical log data for retrospective incident and threat hunting

The Answer is in the image, click to view ...

Question: An information security manager is fine - tuning a Security Information and Event Management ( SIEM ) system in a company that has recently reported

An information security manager is fine

-

tuning a Security Information and Event Management

(

SIEM

)

system in a company that has recently reported a series of unauthorized account access attempts. The manager wants to ensure prompt detection of similar incidents for immediate investigation. Which approach should the manager consider to optimize the system

s alerting capability?

.

Enabling the SIEM system to send an alert for every received threat intelligence feed

.

Setting the SIEM system to generate an alert for every single

-

user login failure

.

Configuring the SIEM system to alert when multiple login failures for the same account occur within a specified time period

.

Arranging the SIEM system to archive all historical log data for retrospective incident and threat hunting

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

An information security manager is fine - tuning a Security Information and Event Management ( SIEM ) system in a company that has recently reported a series of unauthorized account access attempts....

Project 1: Analysis of a 10- K (10%) 1. Locate a 10-K of your choice from the SEC website (www.sec.gov). Present your choice in the conference set up for same in Week #1 for approval by stating the...

Task details: Toyota Company, a prominent Japanese enterprise headquartered in Tokyo, is experiencing rapid growth and aims to expand its business globally, including cities within Japan and Sydney,...

Please answer the below questions about Amazon . I have attached their 10-K which you should be able to find all this information. For each question, please write 2-3 paragraphs. If you use any other...

A digital forensics analyst at a healthcare company is investigating a case involving a potential internal data breach. The breach has led to unauthorized access and potential exposure of sensitive...

Company Chosen is Amazon. Section 3, Materiality and Risk The senior partner wants to confirm your understanding of key concepts. Summarize each concept 90-175-words each. Materiality Misstatement...

amazon (answers will be on file below) Accounts Receivable: a) Are sales primarily on credit or in cash?b) What is the relative size of accounts receivable?How has this changed over the last...

1. Compare and contrast ZF and TRW. Based on ZFs motives for making this acquisition, what specific challenges do you think might arise during the integration process? 2. What megatrends in the...

Read the case study "Google: new product innovation at the speed of light" and answer the following questions: 1. Identify major similarities and differences between the new products development...

Use the following data to calculate the current ratio. Cash Accounts receivable Inventory Prepaid insurance Stock investments (long-term) Land Buildings Less: Accumulated depreciation Patent Total...

Part Two: Reflection Write a reflection of your incorporated feedback from the Project One milestone and additional tax research. Specifically, you must address the following: Explain how your work...

Seved Help 14 Wisconsin Snowmobile Corp. is considering a switch to level production Cost efficiencies would occur under level production, and aftertax costs would decline by $31,500, but inventory...

Question Can a partnership provide HRA benefits to a partner on a favorable tax basis?

Question How does the car expense deduction differ if the car is used 50% or less (as opposed to more than 50%) for business purposes?

Question What types of getting to work trips are business expenses as opposed to commuting?