5 votes
Lucy is the SOC operator for her organization and is responsible for monitoring her organization's SIEM and other security devices. Her organization has both domestic and international sites, and many of their employees travel frequently.

After her discovery in the first part of this question, Lucy is tasked with configuring alerts that are sent to system administrators. She builds a rule that can be represented in pseudocode as follows: Send an SMS alert every 30 seconds when systems do not send logs for more than 1 minute. The average administrator at Lucy's organization is responsible for 150 to 300 machines. What danger does Lucy's alert create?
A. A DDoS that causes administrators to not be able to access systems
B. A network outage
C. Administrators may ignore or filter the alerts.
D. A memory spike

by User Konjac (8.7k points)

1 Answer

1 vote

Final answer:

Lucy's alert system may lead to 'alert fatigue' as system administrators managing a large number of machines might ignore or filter out the numerous alerts, potentially missing critical information.

The correct option is C. Administrators may ignore or filter the alerts.

Step-by-step explanation:

Lucy's alert creates the danger of administrators ignoring or filtering the alerts, option C. If the administrators are responsible for 150 to 300 machines and each machine sends an SMS alert every 30 seconds when logs are not received for more than one minute, administrators may receive an overwhelming number of alerts.

This high volume of alerts could lead to a situation known as 'alert fatigue' where the sheer number of alerts causes administrators to either ignore or filter out the alerts, potentially missing critical information.

The findings of Bruno & Abrahão (2012) demonstrate that increasing cognitive load can lead to more mistakes in decision-making. This suggests that an abundance of alerts could degrade the accuracy of administrators' responses to real threats.

The infamous case of the Target data breach in 2013 also illustrates the consequences of security personnel not interpreting alerts correctly due to high cognitive demand or other factors.

by User Marcel Offermans (7.7k points)
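To put numbers on the alert volume the answer describes, here is an added example (not part of the question or the answer above) that simulates Lucy's per-host, every-30-seconds rule beside an aggregated rule that sends one SMS for the whole batch of silent hosts and re-notifies at most every 30 minutes. The host names, the 200-host fleet, the 40-host outage and the policy fields are constructed assumptions for the simulation.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class AlertPolicy:
    silence_threshold: timedelta = timedelta(minutes=1)  # host counts as silent after this
    resend: timedelta = timedelta(seconds=30)            # minimum gap between SMS for one key
    grouped: bool = False                                # False: one SMS per host; True: one per batch


def simulate_sms(quiet_since, start, duration, policy, tick=timedelta(seconds=30)):
    """Evaluate the rule every `tick` over `duration` and return the number of SMS sent.

    quiet_since maps host -> time it stopped logging; hosts that keep logging are absent.
    """
    sms_sent = 0
    last_sent = {}  # alert key -> time of the last SMS for that key
    t = start
    while t < start + duration:
        silent = sorted(h for h, since in quiet_since.items()
                        if t - since > policy.silence_threshold)
        if policy.grouped:
            keys = ["silent-hosts"] if silent else []   # one alert for the whole batch
        else:
            keys = silent                               # one alert per silent host
        for key in keys:
            if key not in last_sent or t - last_sent[key] >= policy.resend:
                last_sent[key] = t
                sms_sent += 1
        t += tick
    return sms_sent


# Constructed scenario: one administrator's 200 hosts; 40 of them stopped sending logs
# 10 minutes before the simulation starts (e.g. a single upstream switch failure).
START = datetime(2024, 1, 1, 12, 0, 0)
QUIET_SINCE = {f"host{i:03d}": START - timedelta(minutes=10) for i in range(40)}

LUCY_RULE = AlertPolicy()  # per host, every 30 seconds, as in the question
AGGREGATED_RULE = AlertPolicy(resend=timedelta(minutes=30), grouped=True)


def compare(duration=timedelta(hours=1)):
    """SMS count per policy over one hour of the same outage."""
    return {
        "per_host_every_30s": simulate_sms(QUIET_SINCE, START, duration, LUCY_RULE),
        "grouped_every_30min": simulate_sms(QUIET_SINCE, START, duration, AGGREGATED_RULE),
    }


if __name__ == "__main__":
    print(compare())  # {'per_host_every_30s': 4800, 'grouped_every_30min': 2}
```

The 4,800 messages in one hour come from a single 40-host incident; the grouped rule carries the same information in two messages, which is the kind of change that keeps the administrators from filtering the channel.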