Manage Security Risks Flashcards
module three
What is Chronicle in the context of cybersecurity?
A cloud-native tool designed to retain, analyze, and search data.
What is incident response?
An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach.
What is a log in cybersecurity?
A record of events that occur within an organization’s systems.
What are metrics in the context of software applications?
Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application.
What is an operating system (OS)?
The interface between computer hardware and the user.
What is a playbook in cybersecurity?
A manual that provides details about any operational action.
What is security information and event management (SIEM)?
An application that collects and analyzes log data to monitor critical activities in an organization.
What is security orchestration, automation, and response (SOAR)?
A collection of applications, tools, and workflows that use automation to respond to security events.
What are SIEM tools?
Software platforms that collect, analyze, and correlate security data from various sources across your IT infrastructure to help identify and respond to security threats in real time, investigate security incidents, and comply with security regulations.
What is Splunk Cloud?
A cloud-hosted tool used to collect, search, and monitor log data.
What is Splunk Enterprise?
A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real time.
What type of SIEM tool is designed to take full advantage of cloud computing capabilities?
Cloud-native.
Which log source records events related to websites, emails, file shares, and password and username requests?
Server
What are the different types of SIEM tools? Select three answers.
Self-hosted, Cloud-hosted, Hybrid
What does the term “metrics” refer to in software applications?
Technical attributes such as response time, availability, and failure rate.