A retail bank has had a number of issues with regard to the integrity of sensitive information across
all of its customer databases. This has resulted in the bank’s share price decreasing in value by
50% and in regulatory intervention and monitoring.
As a result, the new Chief Information Security Officer (CISO) has initiated a program of work to
solve the issues.
The business has specified that the solution needs to be enterprise grade and meet the following
requirements:
- Be across all major platforms, applications and infrastructure.
- Be able to track user and administrator activity.
- Does not significantly degrade the performance of production platforms, applications, and
  infrastructures.
- Real time incident reporting.
- Manageable and has meaningful information.
- Business units are able to generate reports in a timely manner of the unit’s system assets.
In order to solve this problem, which of the following security solutions will BEST meet the above
requirements? (Select THREE).
A. Implement a security operations center to provide real time monitoring and incident response
with self service reporting capability.
B. Implement an aggregation based SIEM solution to be deployed on the log servers of the major
platforms, applications, and infrastructure.
C. Implement a security operations center to provide real time monitoring and incident response
and an event correlation dashboard with self service reporting capability.
D. Ensure that the network operations center has the tools to provide real time monitoring and
incident response and an event correlation dashboard with self service reporting capabilities.
E. Implement an agent only based SIEM solution to be deployed on all major platforms,
applications, and infrastructures.
F. Ensure appropriate auditing is enabled to capture the required information.
G. Manually pull the logs from the major platforms, applications, and infrastructures to a central
secure server.