What is a benefit to an organization of using SOAR as part of the SIEM system?

IT Questions BankCategory: CCNA CyberOpsWhat is a benefit to an organization of using SOAR as part of the SIEM system?

What is a benefit to an organization of using SOAR as part of the SIEM system?

  • SOAR was designed to address critical security events and high-end investigation.
  • SOAR would benefit smaller organizations because it requires no cybersecurity analyst involvement once installed.
  • SOAR automates incident investigation and responds to workflows based on playbooks.
  • SOAR automation guarantees an uptime factor of “5 nines”.

Explanation: SIEM systems are used for collecting and filtering data, detecting and classifying threats, and analyzing and investigating threats. SOAR technology does the same as SIEMs but it also includes automation. SOAR integrates threat intelligence and automates incident investigation. SOAR also responds to events using response workflows based on previously developed playbooks.
Exam with this question: Modules 1 – 2: Threat Actors and Defenders Group Exam


guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x