7-44.1 Conduct Logging and Monitoring Activities Flashcards
1
Q
The process of standardizing the log details into a consistent structure
A
Normalizing
2
Q
The process of filtering out duplicate entries or excessive noise
A
Deduplication
3
Q
Behaviors or actions that suggest an attack that is happening or about to happen
A
IoA (Indicator of Attack)
4
Q
Standard protocol used to send system log or event messages to a syslog server
A
Syslog
5
Q
Keeping logs that would normally be discarded because they contain records of activity of particular interest
A
Log preservation