CASP+ CAS-003 – Question 101

0
55

A security technician is incorporating the following requirements in an RFP for a new SIEM:

  • New security notifications must be dynamically implemented by the SIEM engine
  • The SIEM must be able to identify traffic baseline anomalies
  • Anonymous attack data from all customers must augment attack detection and risk scoring

Based on the above requirements, which of the following should the SIEM support? (Choose two.)

A. Autoscaling search capability
B. Machine learning
C. Multisensor deployment
D. Big Data analytics
E. Cloud-based management
F. Centralized log aggregation

Correct Answer: BD

LEAVE A REPLY

Please enter your comment!
Please enter your name here