SIEM Functions (Choose two)

A.
correlation between logs and events from multiple systems

B.
event aggregation that allows reduced log storage

C.
combined management access to firewalls

D.

Explanation:
BD
Security Information and Event Management (SIEM)
+ Log collection of event records from sources throughout the organization provides important forensic tools
and helps to address compliance reporting requirements.
+ Normalization maps log messages from different systems into a common data model, enabling the
organization to connect and analyze related events, even if they are initially logged in different source formats.
+ Correlation links logs and events from disparate systems or applications, speeding detection of and reaction
to security threats.
+ Aggregation reduces the volume of event data by consolidating duplicate event records.
+ Reporting presents the correlated, aggregated event data in real-time monitoring and long-term
summaries.
Source: http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-smartbusinessarchitecture/sbaSIEM_deployG.pdf

Alexander

2017/Aug New Updated 210-260 exam questions:
QUESTION 91
Which type of address translation should be used when a Cisco ASA is in transparent mode?

A. Static NAT
B. Dynamic NAT
C. Overload
D. Dynamic PAT

Answer: A

QUESTION 92
Which components does HMAC use to determine the authenticity and integrity of a message? (Choose two.)

A. The password
B. The hash
C. The key
D. The transform set

Answer: BC

QUESTION 93
What is the default timeout interval during which a router waits for responses from a TACACS server before declaring a timeout failure?

A. 5 seconds
B. 10 seconds
C. 15 seconds
D. 20 seconds

Answer: A

QUESTION 94
Which RADIUS server authentication protocols are supported on Cisco ASA firewalls? (Choose three.)

A. EAP
B. ASCII
C. PAP
D. PEAP
E. MS-CHAPv1
F. MS-CHAPv2

Answer: CEF

QUESTION 95
Which command initializes a lawful intercept view?

A. username cisco1 view lawful-intercept password cisco
B. parser view cisco li-view
C. li-view cisco user cisco1 password cisco
D. parser view li-view inclusive

Answer: C

QUESTION 96
Which security measures can protect the control plane of a Cisco router? (Choose two.)

A. CPPr
B. Parser views
C. Access control lists
D. Port security
E. CoPP

Answer: AE

QUESTION 97
Which statement about extended access lists is true?

A. Extended access lists perform filtering that is based on source and destination and are most effective when applied to the destination
B. Extended access lists perform filtering that is based on source and destination and are most effective when applied to the source
C. Extended access lists perform filtering that is based on destination and are most effective when applied to the source
D. Extended access lists perform filtering that is based on source and are most effective when applied to the destination

Answer: B

QUESTION 98
Which protocols use encryption to protect the confidentiality of data transmitted between two parties? (Choose two.)

A. FTP
B. SSH
C. Telnet
D. AAA
E. HTTPS
F. HTTP

Answer: BE

QUESTION 99
What are the primary attack methods of VLAN hopping? (Choose two.)

A. VoIP hopping
B. Switch spoofing
C. CAM-table overflow
D. Double tagging

Answer: BD

QUESTION 100
How can the administrator enable permanent client installation in a Cisco AnyConnect VPN firewall configuration?

A. Issue the command anyconnect keep-installer under the group policy or username webvpn mode
B. Issue the command anyconnect keep-installer installed in the global configuration
C. Issue the command anyconnect keep-installer installed under the group policy or username webvpn mode
D. Issue the command anyconnect keep-installer installer under the group policy or username webvpn mode

Answer: C

More new 210-260 exam questions from:
https://drive.google.com/drive/folders/0B75b5xYLjSSNV1RGaFJYZkxGWFk?usp=sharing