Monday, September 3, 2018

filter the alerts

Lucy is tasked with configuring alerts that are sent to system administrators. She builds a rule that can be represented in pseudocode as follows:
Send an SMS alert every 30 seconds when systems do not send logs for more than 1 minute.
The average administrator at Lucy’s organization is responsible for 150 to 300 machines.
What threat does Lucy’s alert create?
  A. A DDoS that causes administrators to not be able to access systems
  B. A network outage
  C. Administrators may ignore or filter the alerts
  D. A memory spike


C. Availability analysis targets whether a system or service is working as expected. While a SIEM may not have direct availability analysis capabilities, reporting on when logs and other data are not received from source systems can help detect outages. Ideally, Lucy’s organization should be using a system monitoring tool that can alarm on availability issues as well as common system problems such as excessive memory, network, disk, or CPU usage.
