7-44.1 Conduct Logging and Monitoring Activities Flashcards

1
Q

The process of standardizing the log details into a consistent structure

A

Normalizing

2
Q

The process of filtering out duplicate entries or excessive noise

A

Deduplication

3
Q

Behaviors or actions that suggest an attack that is happening or about to happen

A

IoA (Indicator of Attack)

4
Q

Standard protocol used to send system log or event messages to a syslog server

A

Syslog

5
Q

Keeping logs that would normally be discarded because they contain records of activity of particular interest

A

Log preservation
