11. Fill in the blank: To assess the performance of a software application, security professionals use _____, including response time, availability, and failure rate.
- dashboards
- SIEM tools
- logs
- metrics
12. A security team installs a SIEM tool within their company’s own infrastructure to keep private data on internal servers. What type of tool are they using?
- Hybrid
- Infrastructure-hosted
- Self-hosted
- Cloud-hosted
13. You are a security analyst, and you want a security solution that will be fully maintained and managed by your SIEM tool provider. What type of tool do you choose?
- Self-hosted
- Solution-hosted
- Cloud-hosted
- Hybrid
14. Fill in the blank: Splunk Enterprise is a self-hosted tool used to retain, analyze, and search an organization's _____ to provide security information and alerts.
- database
- hardware
- cloud applications
- log data
15. Which of the following statements accurately describe Chronicle? Select three answers.
- Cloud-native tools such as Chronicle are designed to take advantage of cloud computing availability.
- Chronicle is designed to retain, analyze, and search data.
- Self-hosted tools such as Chronicle are designed to give organizations more control over their data.
- Chronicle performs data analysis.
16. Which type of tool typically requires users to pay for usage?
- Open-source
- Self-hosted
- Proprietary
- Cloud native
17. Which of the following statements correctly describe logs? Select three answers.
- Actions such as using a username or password are recorded in a firewall log.
- Events related to websites, emails, or file shares are recorded in a server log.
- A network log is a record of all computers and devices that enter and leave a network.
- A log is a record of events that occur within an organization’s systems and networks.
18. What are some of the key benefits of SIEM tools? Select three answers.
- Save time
- Provide event monitoring and analysis
- Eliminate the need for manual review of logs
- Collect log data from different sources
Shuffle Q/A 2
19. Fill in the blank: Software application _____ are technical attributes, such as response time, availability, and failure rate.
- metrics
- dashboards
- SIEM tools
- logs
20. You are a security professional, and you want a SIEM tool that will require both on-site infrastructure and internet-based solutions. What type of tool do you choose?
- Hybrid
- Self-hosted
- Cloud-hosted
- Component-hosted