Certified SOC Analyst (CSA) — Question 13
Which of the following are the responsibilities of SIEM Agents?
1. Collecting data received from various devices sending data to SIEM before forwarding it to the central engine.
2. Normalizing data received from various devices sending data to SIEM before forwarding it to the central engine.
3. Co-relating data received from various devices sending data to SIEM before forwarding it to the central engine.
4. Visualizing data received from various devices sending data to SIEM before forwarding it to the central engine.
Answer options
- A. 1 and 2
- B. 2 and 3
- C. 1 and 4
- D. 3 and 1
Correct answer: A
Explanation
The correct answer is A because SIEM Agents are responsible for both collecting and normalizing data from various devices before it is sent to the central engine. Options B, C, and D include tasks that are not primarily the responsibility of SIEM Agents, such as co-relating and visualizing data.