Lesson 11: SIEM Quiz Answers
Question: Which two requirements were the motivation for SIEM? (Choose two.)
- Complying to regulations
- Increasing number of alerts
- Remaining competitive
- Exploiting Big Data
Question: What was the impetus for more automation and machine learning in later SIEM devices?
- Shortage of trained personnel
- Requirement to manage Big Data
- Need to improve MIS efficiency
- Demand to reduce MIS costs
Question: What was the primary driver for purchasing SIEM?
- Improve MIS efficiency
- Compensate for the skills-gap labor shortage
- Collect information about customers
- Comply with regulations
Question: Which feature provides SIEM greater visibility into the entire network?
- Sharing of logs by IoTs and BYODs
- Deciphering encrypted logs and alerts
- Complying with regulations
- Analyzing logs and alerts from a single-pane-of-glass
Question: Which problem was a barrier to the general acceptance of first-generation SIEM?
- Cost to purchase was prohibitive
- High-level of skill was required
- Did not have the features needed by organizations
- The point solution approach to network security
Question: Which feature is a characteristic of later SIEMs?
- Automatic backups and integrity checking
- Collect, normalize, and store log events and alerts
- Deciphering encrypted data flows
- User and entity behavior analytics (UEBA)
Question: Which three compliance regulations are legislative and industry-sponsored? (Choose three.)
- Payment Card Industry (PCI) standard
- General Data Protection Regulation (GDPR)
- Health Portability Insurance and Accountability Act (HPIAA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Industry Card (PIC) standard
Question: What is one method that SIEM uses to analyze data?
- Decipher encrypted logs and alerts
- Apply security controls
- Watch for known indicators of compromise (IoC)
- Decipher encrypted data flows
Question: What does SIEM do primarily?
- Collect, normalize, and store log events and alerts
- Connect all security tools together into defined workflows
- Manage network information and alerts
- Manage network events and alerts
Question: Which compliance, if ignored by businesses, hospitals, and other organizations, can result in punitive fines?
- Complying to machine learning checks
- Complying to automatic backups and integrity checks
- Complying to User and entity behavior analytics (UEBA)
- Complying to regulations
