
Your organization is planning to implement a security information and event management (SIEM) solution to enhance its cybersecurity posture. The solution must support compliance with industry standards, provide scalability to handle increasing volumes of data, and offer cost-effective operations. Considering these requirements, what are the key components and features you should prioritize in a SIEM solution? (Choose one correct option)
A. Only log collection and normalization capabilities to aggregate data from various sources, ignoring advanced analytics due to budget constraints.
B. Advanced analytics and machine learning algorithms for threat detection, without considering the need for log collection and normalization.
C. Alerting and incident management capabilities, focusing solely on response times without integrating log collection or analytics.
D. All of the above components: log collection and normalization, advanced analytics and machine learning for anomaly detection, and alerting and incident management for comprehensive security monitoring.