Question

What are some causes of high alert volumes? Select two answers. (1 point)

- Sophisticated evasion techniques
- Refined detection rules
- Broad detection rules
- Misconfigured alert settings

Solution

The two causes of high alert volumes could be:

  1. Broad detection rules: If the detection rules are too broad, they may trigger alerts for a wide range of activities, including those that are not necessarily harmful or suspicious. This can lead to a high volume of alerts, many of which may be false positives.

  2. Misconfigured alert settings: If the alert settings are not configured properly, they may trigger alerts more frequently or for less serious issues. This can also result in a high volume of alerts.
