Exam N10-007 topic 1 question 25 discussion

Honeypots are vulnerable by design, SIEM is a monitoring tool, not a vulerable system. Answer is B

Shouldn't the word "vulnerable" indicate that it's a honey pot ?... (seriously asking ..)

Keyword here is vulnerable, the answer is honeypot. Study more.

The correct answer is B. Security information and event management (SIEM) is not meant to vulnerable by design. It only gathers and analyzes the log data you send to it.

100% b

100% a

What is a honeypot? In computer terminology, the term honeypot refers to a security structure or mechanism that is built to deflect the attackers. In other words, a honeypot is there to distract the attackers from valuable assets of the organization. Honeypot can be defined as a system that is attached to the network. It is set up to be a decoy. It lures the hackers and wastes their time as they try to gain unauthorized access to the network or systems of the organization.

The right answer is A because: Security Information and Event Management (SIEM) software has been in use in various guises for over a decade and has evolved significantly during that time. SIEM solutions provide a holistic view of what is happening on a network in real-time and help IT teams to be more proactive in the fight against security threats. What is unique about SIEM solutions is that they combine Security Event Management (SEM) - which carries out analysis of event and log data in real-time to provide event correlation, threat monitoring an incident response - with Security Information Management (SIM) which retrieves and analyzes log data and generates a report. For the organization that wants complete visibility and control over what is happening on their network in real-time, SIEM solutions are critical.

A is the answer, SIEM logs information while honey pots only trap attacks