In an organization that has several independent security tools including intrusion detection systems (IDSs) and firewalls, which of the following is the BEST way to ensure timely detection of incidents?
In an organization with multiple independent security tools, such as IDSs and firewalls, implementing a log aggregation and correlation solution is the best way to ensure timely detection of incidents. This solution, often referred to as a Security Information and Event Management (SIEM) system, collects and analyzes log data from various sources to identify potential security threats. It enables the organization to detect patterns and anomalies across different systems, providing a more comprehensive and timely awareness of security incidents.
Selected Answer: A "Implement a log aggregation and correlation solution," which in other words is a SIEM tool.
A is the correct answer.
A. Implement a log aggregation and correlation solution.