Following the merger of two large companies, the newly combined security team is overwhelmed by the volume of logs flowing from the IT systems. The company’s data retention schedule complicates the issue by requiring detailed logs to be collected and available for months.
Which of the following designs BEST meets the company’s security and retention requirement?
A. Forward logs to both a SIEM and a cheaper longer-term storage and then delete logs from the SIEM after 14 days
B. Reduce the log volume by disabling logging of routine maintenance activities or failed authentication attempts
C. Send logs to a SIEM that correlates security data and store only the alerts and relevant data arising from that system.
D. Maintain both companies’ logging and SIEM solutions separately but merge the resulting alerts and reports.
Answer: C