Which of the following BEST explains what happened?

SY0-601 V8 0 Comments

After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time.

Which of the following BEST explains what happened?
A . The unexpected traffic correlated against multiple rules, generating multiple alerts.
B . Multiple alerts were generated due to an attack occurring at the same time.
C . An error in the correlation rules triggered multiple alerts.
D . The SIEM was unable to correlate the rules, triggering the alerts.

Answer: A

Explanation:

Multiple alerts were generated on the SIEM during the emergency maintenance activity due to unexpected traffic correlated against multiple rules. The SIEM generates alerts when it detects an

event that matches a rule in its rulebase. If the event matches multiple rules, the SIEM will generate multiple alerts.

Reference: CompTIA Security+ Study Guide, Exam SY0-601, Chapter 3: Architecture and Design

Latest SY0-601 Dumps Valid Version with 396 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SY0-601 PDF     SY0-601 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments