You work as a Security Manager for Tech Perfect Inc. You have set up a SIEM server for the
following purposes: Analyze the data from different log sources Correlate the events among the
log entries Identify and prioritize significant events Initiate responses to events if required One of
your log monitoring staff wants to know the features of SIEM product that will help them in these
purposes. What features will you recommend? Each correct answer represents a complete
solution. Choose all that apply.
A.
Asset information storage and correlation
B.
Transmission confidentiality protection
C.
Incident tracking and reporting
D.
Security knowledge base
E.
Graphical user interface
Explanation:
The features of SIEM products are as follows: Graphical user interface (GUI): It is
used in analysis for identifying potential problems and reviewing all available data that are
associated with the problems. Security knowledge base: It includes information on known
vulnerabilities, log messages, and other technical data. Incident tracking and hacking: It has robust
workflow features to track and report incidents. Asset information storage and correlation: It gives
SIEM product does not have this feature.