Questions

  1. What elements would you typically expect to make up a SIEM environment?
    1. Client, server, agent
    2. Archive, cloud processor, contribution network
    3. Central processing node, sensors, database/logging
    4. Agents, sensors, logging, reporting, Central processing node
  1. How can SIEM directly support enhanced security services?
    1. By increasing the integrity of event messages
    2. By overlaying additional contextual information using authentication messages. This will achieve a correlated view of authentication
    3. By improving the overall availability of a processing environment
    4. By increasing the confidentiality of event messages
  1. When considering the budget of a SIEM service, what are the components that should be considered?
    1. Monitoring agents and console
    2. Software licensing, implementation fees
    3. Implementation project, hardware (platform/storage), software, operational costs
    4. Archival storage system and processing nodes
  1. Which phase of hacking performs an actual attack on a network or system?
    1. Reconnaissance
    2. Maintaining Access
    3. Scanning
    4. Gaining Access
  1. Which term best describes taking advantage of a weakness in the security of an IT system?
    1. Threat
    2. Attack
    3. Exploit
    4. Vulnerability