Bird
0
0

To improve detection accuracy when alerts are missed due to incomplete logs, which combined approach is most effective?

hard🚀 Application Q9 of 15
Cybersecurity - Incident Response
To improve detection accuracy when alerts are missed due to incomplete logs, which combined approach is most effective?
AIncrease manual log reviews without automation
BRely solely on automated alert systems
CDisable alerts to reduce noise
DIntegrate multiple data sources and apply correlation analysis
Step-by-Step Solution
Solution:

  1. Step 1: Understand the problem

    Incomplete logs cause missed alerts; relying on one source is insufficient.

  2. Step 2: Combine data sources

    Integrating multiple sources and correlating alerts improves detection accuracy.

  3. Final Answer:

    Integrate multiple data sources and apply correlation analysis -> Option D

  4. Quick Check:

    Correlation across sources enhances detection [OK]
Quick Trick: Combine data sources and correlate alerts for accuracy [OK]
Common Mistakes:
MISTAKES
  • Depending only on automation
  • Ignoring alert noise instead of improving data
  • Relying solely on manual reviews

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Endpoint Detection and Response (EDR) - Quiz 8hard Compliance and Governance - PCI DSS for payment data - Quiz 1easy Digital Forensics - Why forensics preserves evidence - Quiz 14medium Digital Forensics - Why forensics preserves evidence - Quiz 8hard Digital Forensics - Mobile device forensics - Quiz 5medium Digital Forensics - Network forensics - Quiz 5medium Digital Forensics - Why forensics preserves evidence - Quiz 15hard Incident Response - Incident documentation - Quiz 6medium Incident Response - Eradication and recovery - Quiz 12easy Security Architecture and Design - Threat modeling (STRIDE, DREAD) - Quiz 10hard