Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 43

What is a difference between SOAR and SIEM?

Answer options

• A. SOAR platforms are used for threat and vulnerability management, but SIEM applications are not
• B. SIEM applications are used for threat and vulnerability management, but SOAR platforms are not
• C. SOAR receives information from a single platform and delivers it to a SIEM
• D. SIEM receives information from a single platform and delivers it to a SOAR

Correct answer: A

Explanation

The correct answer is A because SOAR platforms specifically focus on automating incident response and managing vulnerabilities, while SIEM applications primarily aggregate and analyze security data. Options B, C, and D misrepresent the functions of these systems, as SIEM does not directly manage threats and vulnerabilities like SOAR does.