SIEM Functions (Choose two)
A.
correlation between logs and events from multiple sys
B.
event aggregation that allows reduced log storage
C.
combined management access to firewalls
D.
…
Explanation:
BD
Security Information and Event Management (SIEM)
+ Log collection of event records from sources throughout the organization provides important forensic tools and helps to address compliance reporting requirements.
+ Normalization maps log messages from different systems into a common data model, enabling the organization to connect and analyze related events, even if they are initially logged in different source formats.
+ Correlation links logs and events from disparate systems or applications, speeding detection of and reaction to security threats.
+ Aggregation reduces the volume of event data by consolidating duplicate event records.
+ Reporting presents the correlated, aggregated event data in real-time monitoring and long-term summaries.
Source: http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-smartbusinessarchitecture/sbaSIEM_deployG.pdf