When real-time reporting of security events from multiple sources is being received, which function in SIEM provides capturing and processing of data in a common format?
- aggregation
- log collection
- normalization
- compliance
Explanation: SIEM combines SEM and SIM tools to provide some useful functions, one of which is data normalization. Data normalization is the process of mapping log messages from different systems into a common data model in order to analyze related security events, even if they are initially logged in different source formats.
Exam with this question: CCNA SECOPS 210-255 Dumps – Certification Practice Exam Answers
Exam with this question: CyberOps Associate (Version 1.0) - Module 27: Working with Network Security Data Quiz Answers