Register
What is a key consideration when correlating event data from multiple sources into security information and event management (SIEM)?
140k views
4 votes
What is a key consideration when correlating event data from multiple sources into security information and event management (SIEM)?

User Pundit
by
5.3k points

1 Answer

3 votes

Answer:

Time synchronisation.

Step-by-step explanation:

Security information and event management (SIEM) is an application service that analyses the real time security alert in a network, which combines both security information management (SIM) and security event management (SEM).

Correlating is SIEM is a function of the SEM component that integrates sources of events, using attributes and common links to make it a useful source of data. It links these events from multiple sources, considering the time synchronisation of the events.

Time synchronisation is a process of coordinate independent clocks event signals due to clock drift, to avoid clock timing at different rate.

User Kaj Hejer
by
5.0k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

5.8m questions

7.5m answers

Other Questions

A new information system is not considered in production until conversion is complete
a. STOP: What is a technology habit you practice today that you now realize will not help you to be successful? Explain why it’s important to STOP doing this right now.
Why might the government censor what its citizens see on the internet?
Flash drives cds external disks are all examples of storage (memory) devices
What is a spreadsheet program? A spreadsheet program is a computerized version of _________
Link Copied!