Information Security UK 14

............................................................................ platforms take the log files, find commonalities (such as attack types and threat origination), and summarize the results for a particular time period.

For example, all logs and alerts from all IDSs, perimeter firewalls, personal firewalls, antivirus scanners, and operating systems can be tied together.

Events from all logs are then gathered, analysed, and reported on from one location.

• Web servers

• Applications

• Switches and routers

• VPN concentrators

• Firewalls

• Web filters and proxies

• Antivirus ---- the above are an ideal source of ..........................information for SIEM

It correlates, captures, and indexes real-time data, from which it creates alerts, dashboards, graphs, reports, and visualizations. What is it?

What is the sequence of operations in Splunk Architecture?

Customer region, order purchase, time of purchase, device used by customer are done by .................................stage in splunk

Sale by Geography, Preferred device of the customer can be found in which stage of the splunk

...............................................................includes disaster recovery along with procedures to restore business operations and the underlying functionality of the business infrastructure needed to support the business, along with the resumption of the daily work of the people in your workplace.

An ........................................... turns the archive bit off again, and the next incremental backup backs up only the files that have changed since the last incremental backup.

This Windows service takes a snapshot of a working volume, and then a normal data backup can be made that includes open files.

this is known as

COBIT stands for