Question 38
You’re developing SIEM use cases. What step ensures accurate detection?
A. Purchase the most expensive platform
B. Monitor only firewall logs
C. Define event logic and validate sources
D. Include executive reports
Answer: Define event logic and validate sources
Effective SIEM use cases require defining what constitutes a threat and validating data sources.