Question

What is an example of an In-house SIEM:? What is an example of an Cloud based...

What is an example of an In-house SIEM:?

What is an example of an Cloud based SIEM:?

What is an example of an Managed SIEM:?

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

1.A SIEM (Security Information & Event Management) is a platform for managing security incidents. It allows the collection of system logs and machine data from across your IT environment to help identify unusual or suspicious activity — and then reports an alert in real time if it finds anything suspicious. You can think of a SIEM as a tool that provides a comprehensive view of an organization’s IT security.

In-house SIEM

In this setup, the organization exercises ultimate control on their SIEM solution. They purchase the required hardware and software to implement this solution at their physical facility. As a matter of general practice, SIEM becomes a part of an organization’s Security Operations Center (SOC). An organization can customize this in-house SIEM to meet its security needs and push updates as it wishes.

However, there is no involvement of third-party, and all security-related information remains in-house. The organization becomes solely responsible for integrating an in-house SIEM setup with existing systems, configuring log sources, customizing alerts, and training employees. In-house SIEM setups require a high initial investment and subsequent costs for maintenance, patches, and updates.

Ex: Micro Focus ArcSight ESM.

2.Cloud-based SIEM

This mode has gained significant popularity with the global adoption of cloud computing technology. Cloud-based SIEM solutions are subscription-based, and your responsibilities for maintaining hardware are minimal. Instead of investing a significant amount upfront, organizations have to opt for monthly or annual subscriptions. Customers can decide on the implementation of SIEM for their organization, and there is no reliance on third parties. The trade-off here is the availability of an organization’s security data at locations that are not directly owned or controlled by the organization.

Ex: Sumo Logic

3.Managed SIEM

This model can involve either in-house SIEM or cloud-based SIEM implementation, but with the help of necessary expertise from the service provider. A customer does not need to entirely rely on its internal security team as the vendor would provide support during the implementation. A managed SIEM solution is hosted on the vendor’s server and monitors client network for potential security threats. Primary reasons for choosing managed SIEM solutions are faster deployment, negligible maintenance, flexible pricing options, and availability of SIEM experts on call.

Ex: McAfee Enterprise Security Manager

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
How NIST defined Cloud Computing? What are its five Essential Characteristics, Three service models and four...
How NIST defined Cloud Computing? What are its five Essential Characteristics, Three service models and four deployment models? Explain each one in detail with example.
Users prefer systems that: a. are cloud-based b. are able to provide optimum hardware and software...
Users prefer systems that: a. are cloud-based b. are able to provide optimum hardware and software efficiency c. are oriented to facilitating organizational tasks and solving business problems d. are capable of storing much more data than they need e. work with existing DBMS
Assume that your company has just licensed a cloud-based SaaS CRM system. Your boss asks you...
Assume that your company has just licensed a cloud-based SaaS CRM system. Your boss asks you what needs to be done to make it operational. Using the SDLC, summarize on one page the work to do to transform that SaaS into a working IS.
What is statistical discrimination? Give a sports-based example.
What is statistical discrimination? Give a sports-based example.
What are the advantages and disadvantages of using “Cloud” storage service?
What are the advantages and disadvantages of using “Cloud” storage service?
What are some of the cost management considerations in cloud computing
What are some of the cost management considerations in cloud computing
Key advantages of Cloud-based services include _______________. A. No obsolescene B. Dependency on vendor C. Visibility...
Key advantages of Cloud-based services include _______________. A. No obsolescene B. Dependency on vendor C. Visibility into security and disaster preparedness D. control over data location and security Which of the following is NOT a characteristics of Inter-Enterprise Systems? A. The participating organizations may need to change some of their internal processes, and decisions may be documented in legal contracts. B. They require that participating organizations use the same operating systems for their own applications. C. Healthcare Exchanges and Supply...
A managed service provider is designing a log aggregation service for customers who no longer want...
A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers. Which of the following is...
Subject: Cloud computing What are the common examples of resource pools
Subject: Cloud computing What are the common examples of resource pools
Many SaaS cloud services architecture depictions feature a distinct "Application Management Layer (AML)" or something approximating...
Many SaaS cloud services architecture depictions feature a distinct "Application Management Layer (AML)" or something approximating to that. What specifically does this layer do, in the context of cloud multi-tenancy-based SaaS operations?
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT