[FCF] Cybersecurity 2.0 - Lesson 11 : SIEM (Quesion&Answer)

Q. What was the impetus for more automation and machine learning in later SIEM devices?
Select one:

- Demand to reduce MIS costs 
- Shortage of trained personnel 
- Need to improve MIS efficiency 
- Requirement to manage Big Data 


Q. Which two requirements were the motivation for SIEM? (Choose two.)
Select one or more:

- Increasing number of alerts 
- Exploiting Big Data 
- Complying to regulations  
- Remaining competitive 


Q. What was the primary driver for purchasing SIEM?
Select one:

- Collect information about customers 
- Comply with regulations
- Improve MIS efficiency
- Compensate for the skills-gap labor shortage


Q. Which three compliance regulations are legislative and industry-sponsored? (Choose three.)
Select one or more:

- Payment Card Industry (PCI) standard
- General Data Protection Regulation (GDPR) 
- Health Insurance Portability and Accountability Act (HIPAA)
- Health Portability Insurance and Accountability Act (HPIAA)
- Payment Industry Card (PIC) standard


Q. Which compliance, if ignored by businesses, hospitals, and other organizations, can result in punitive fines?
Select one:

- Complying to machine learning checks 
- Complying to automatic backups and integrity checks 
- Complying to User and entity behavior analytics (UEBA)
- Complying to regulations


Q. What is one method that SIEM uses to analyze data?
Select one:

- Watch for known indicators of compromise (IoC)
- Apply security controls 
- Decipher encrypted data flows
- Decipher encrypted logs and alerts 


Q. What does SIEM do primarily?
Select one:

- Manage network events and alerts
- Manage network information and alerts
- Collect, normalize, and store log events and alerts
- Connect all security tools together into defined workflows


Q. Which feature is a characteristic of later SIEMs?
Select one:

- Deciphering encrypted data flows 
- Collect, normalize, and store log events and alerts
- User and entity behavior analytics (UEBA)
- Automatic backups and integrity checking


Q. Which problem was a barrier to the general acceptance of first-generation SIEM?
Select one:

- Cost to purchase was prohibitive
- High-level of skill was required
- Did not have the features needed by organizations
- The point solution approach to network security


Q. Which feature provides SIEM greater visibility into the entire network?
Select one:

- Analyzing logs and alerts from a single-pane-of-glass
- Deciphering encrypted logs and alerts
- Complying with regulations
- Sharing of logs by IoTs and BYODs