Security Information and Event Management

Security information and event management (SIEM) is considered an IT best practice, and for regulated industries it is an audit compliance requirement. It supports IT service reliability by maximizing event log value and is used to aggregate, decipher, and normalize nonstandard log formats; it can also filter out false positives. The only time that an SIEM system will not provide the correct information is when the wrong filters are set in error:

  • Account management: In a multinational corporation that may have in excess of 50,000 users it is very important that account management policies are in place so that the directory service is kept up to date. Let us look at different account management tools ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.