Reference no: EM133029272
Part A
Assume you are a security awareness trainer. Part of your job is to convince end users that paying attention to security procedures makes the entire organization more successful.
1. When a user does not follow security procedures, what are two consequences to the organization you would emphasize? Why?
Part B
Microsoft adheres to a defense-in-depth principle to ensure protection of its cloud services, such as Microsoft Office 365. Built-in security features include threat protection to reduce malware infections, phishing attacks, distributed denial of service (DDoS) attacks, and other types of security threats.
1. Would an organization need to apply security controls to allow safe use of those applications? Why or why not?
Part C
SIEM systems take data from different log files, such as those for firewalls, routers, web servers, and intrusion detection systems, and then normalize the data so it can be compared. SIEM systems are highly valuable in helping to spot attacks by sifting through raw log file data and coming up with relevant information.
The normalization process involves processing the logs into a readable and structured format, extracting important data from them, and mapping the information to standard fields in a database.
1. Would a SIEM system be valuable if it did not normalize data? Why or why not?
2. Does an organization that uses a SIEM system still need a human analyst? Why or why not?