Glossary Terms from Module 3-02

Question 1

Define Chronicle

Answer 1

A cloud-native tool designed to retain, analyze, and search data (Google)

Question 2

Define Operating system (OS)

Answer 2

The interface between computer hardware and the user

Question 3

Define Incident response

Answer 3

An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach

Question 4

Define Log

Answer 4

A record of events that occur within an organization’s systems

Question 5

Define Metrics

Answer 5

Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application

Question 6

Define Security orchestration, automation, and response (SOAR)

Answer 6

A collection of applications, tools, and workflows that use automation to respond to security events

Question 6

Define Playbook

Answer 6

A manual that provides details about any operational action

Question 7

Define Security information and event management (SIEM)

Answer 7

An application that collects and analyzes log data to monitor critical activities in an organization

Question 8

Define SIEM tools

Answer 8

A software platform that collects, analyzes, and correlates security data from various sources across your IT infrastructure that helps identify and respond to security threats in real-time, investigate security incidents, and comply with security regulations

Question 8

Define Splunk Cloud

Answer 8

A cloud-hosted tool used to collect, search, and monitor log data

Question 9

Define Splunk Enterprise

Answer 9

A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real-time