Platforms based on SIEM (security information and event management) technology offer visibility and meaningful insights by collecting, aggregating, and analyzing information from different sources.
An upcoming platform in the security industry is based on SOAR (security orchestration, automation, and response) technology. SOAR platforms are similar to SIEMs in that they aggregate, correlate, and analyze alerts. However, SOAR technology goes a step further by integrating threat intelligence and automating incident investigation and response workflows based on playbooks developed by the security team.
Source: https://www.cisco.com/c/en/us/products/security/what-is-a-security-platform.html#~types-of-security-platforms
So answer A is correct
"A" is correct
Unlike traditional SIEM platforms, SOAR solutions can also be used for threat and vulnerability management, security incident response, and security operations automation.
Example of products:
Log collection (SolarWinds Security Event Manager) -----> SIEM (IBM QRadar) -----> SOAR (IBM Resilient)
"Unlike traditional SIEM platforms, SOAR solutions can also be used for threat and
vulnerability management, security incident response, and security operations
automation." This senetence is from the Official CertGuide book. pg 461 in the Tip box
The answer is D: but how can you say that this answer is right: SOAR platforms are used for threat and vulnerability management, but SIEM applications are not. So what is SIEM used for to peel potatoes?
But who gave you these answers?
SIEMS are used for logging entry by applications, endpoints and servers, and makes a nice list for a tech to review,
A SOAR go a step further by responding to security incidents
The best answer is A. SOAR (Security Orchestration, Automation, and Response) platforms are used for threat and vulnerability management, while SIEM (Security Information and Event Management) applications are primarily used for log and event management. SOAR platforms integrate with SIEM systems to receive security event data and initiate automated responses based on defined playbooks.
I think the correct answer is B.
A. SOAR platforms are used for threat and vulnerability management, but SIEM applications are not - This statement is not entirely accurate. SIEM applications are also used for threat and vulnerability management.
C. SOAR receives information from a single platform and delivers it to a SIEM - This statement is incorrect because SOAR platforms can integrate with multiple security tools, not just a single platform.
D. SIEM receives information from a single platform and delivers it to a SOAR - This statement is incorrect because SIEM applications collect and analyze security-related data from multiple sources, not just a single platform.
So, only option B correctly describes the relationship between SIEM and SOAR, where SIEM is used for threat and vulnerability management while SOAR is not.
Correct Answer is A: SIEM vs SOAR - In short, SIEM aggregates and correlates data from multiple security systems to generate alerts while SOAR acts as the remediation and response. "Note SIEM from multiple security systems"
A IS CORRECT ,SOAR USE TO IDENTIFY AND MITIGATE THE VULNERABILITY IT CAN RESPONSE ,,,SIEM ONLY LOG MANAGMENT AND SECURITY MONITORING
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Leo_Visser
Highly Voted 3 years, 5 months agoanonymous1966
Highly Voted 3 years, 2 months ago3000bd6
Most Recent 4 days, 22 hours agomsg01
1 year agoHazem1234u
1 year agoFaio
1 year, 1 month agoWISDOM2080
1 year, 2 months agoTopsecret
1 year, 4 months agoethhacker
1 year, 2 months agosometacos
1 year, 6 months agoalhamry
1 year, 6 months agodrdecker100
1 year, 9 months agoUzumaki_Aliyy
2 years, 3 months agohalamah
3 years ago