Monitoring and Logging for Detection of Malicious Activity

Back to Home

01. Monitoring and Logging for Detection of Malicious Activity Lesson Introduction
02. Monitoring and Logging Overview
03. Monitoring and Logging for Detection of Malicious Activity
04. System Event Logs
05. Quizzes: System Event Logs
06. Exercise: System Event Logs
07. Exercise Solution: System Event Logs
08. Monitoring Network Traffic
09. Quizzes: Monitoring Network Traffic
10. Exercise: Monitoring Network Traffic
11. Exercise Solution: Monitoring Network Traffic
12. SIEM Framework
13. Quizzes: SIEM
14. Exercise: SIEM
15. Exercise Solution: SIEM
16. When is an alert not an alert?
17. Monitoring and Logging for Detection of Malicious Activity Lesson Conclusion

Back to Home

13. Quizzes: SIEM

Which of the following would provide a more manageable amount of results while searching in a SIEM?

30-Day Search for google.com

24-Hour Search for google.com

4-Hour Search for google.com sourcetype=dnssyslog

SOLUTION:

4-Hour Search for google.com sourcetype=dnssyslog

What are features of an Open Source SIEM?
[Select all that apply]

Customizable

Printing Capabilities

Strong Community Support

Internet Analysis

Lack of restrictions on data ingestion

Unix Support

SOLUTION:

Customizable
Strong Community Support
Lack of restrictions on data ingestion

What are some considerations when choosing a SIEM?
[Select all that apply]

Licensing

Free Stickers

Runs on legacy hardware

Scalability

Dashboards

Alerts

Query Language

SOLUTION:

Licensing
Scalability
Dashboards
Alerts
Query Language

Learn Udacity: click here to learn more :)