Posted by: Pdfprep
Post Date: May 3, 2021
John, a SOC analyst, is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM with a graph that identifies the locations the Tor traffic is coming from.
Which of the following data sources will he use to prepare the dashboard?
A. DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
B. IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.
C. DNS/Web Server logs with IP addresses.
D. Apache/Web Server logs with IP addresses and Host Name.
Answer: D