
Exam CSSLP topic 1 question 19 discussion

Actual exam question from ISC's CSSLP
Question #: 19
Topic #: 1

You work as a Security Manager for Tech Perfect Inc. You have set up a SIEM server for the following purposes:

  • Analyze the data from different log sources
  • Correlate the events among the log entries
  • Identify and prioritize significant events
  • Initiate responses to events if required

One of your log monitoring staff wants to know the features of SIEM product that will help them in these purposes. What features will you recommend? Each correct answer represents a complete solution. Choose all that apply.

  • A. Asset information storage and correlation
  • B. Transmission confidentiality protection
  • C. Incident tracking and reporting
  • D. Security knowledge base
  • E. Graphical user interface
Suggested Answer: The features of SIEM products are as follows:

  • Graphical user interface (GUI): It is used in analysis for identifying potential problems and reviewing all available data that are associated with the problems.
  • Security knowledge base: It includes information on known vulnerabilities, log messages, and other technical data.
  • Incident tracking and reporting: It has robust workflow features to track and report incidents.
  • Asset information storage and correlation: It gives higher priority to an attack that affects a vulnerable OS or a main host.

Answer: B is incorrect. A SIEM product does not have this feature.

Comments

4e3rv21rq3vq2q
1 year, 8 months ago
Selected Answer: ACDE
It's ACDE
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
Why not B also? Transmission confidentiality protection feature ensures that the data being transmitted between different components of the SIEM system is kept confidential and secure. This is particularly important when the SIEM system is being used to collect and analyze sensitive data, such as network logs and security events.
upvoted 1 times