Practice Question
Your organization is implementing a new cloud-based Security Information and Event Management (SIEM) system. You need to ensure that the SIEM effectively detects and alerts on security incidents. Which of the following is the MOST important step in this process?
A. Configuring the SIEM to collect logs from all available sources, including network devices, servers, and applications.
B. Developing and implementing use cases that are tailored to the organization's specific threat landscape and business requirements.
C. Training the security team on how to use the SIEM system to investigate and respond to security incidents.
D. Regularly testing and tuning the SIEM system to ensure that it is effectively detecting and alerting on real security incidents.
Fouad Ahmed
CISSP Study Group
skool.com/cybersecurity-study-group