Be default, events in McAfee SIEM are aggregated on which of the following three fields?
A) Signature ID, Source IP, Source Port
B) Signature ID, Source IP, Destination IP
C) Signature ID, Destination IP, Source User
D) Signature ID, Event ID, Source IP
Correct Answer:
Verified
Q13: When a Correlation Rule successfully triggers, this
Q32: By default, the McAfee Enterprise Security Manager
Q33: Which of the following features of the
Q34: On the McAfee enterprise Security Manager (ESM),
Q35: The security Analyst notices that there has
Q36: If the SIEM Administrator deploys the Enterprise
Q38: The normalization value assigned to each data-source
Q39: Checkpoint firewalls provide logs to the McAfee
Q40: Malware performing a network enumeration scan will
Q42: Analysts can effectively use the McAfee SIEM
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents