Module 13 - BIG DATA ANALYTICS


Security information management (SIM) and security event management (SEM)

What is security information and event management made up of?

Natural language processing

Processes and analyzes large amounts of natural language data.

Security Event Management (SEM)

provides real-time monitoring and notification of security events and console views.

Security information management (SIM)

refers to the collection of data such as log files into a central repository (called security console) for trend analysis.

Big Data and Data Analytics

What is big data analytics a combination of?

C

A Security Information and Event Management system contains ____. A. Security information management B. Security event management C. Both A and B D. Neither A nor B

Machine Learning

A subset of Artificial Intelligence (AI) that trains a machine how to learn; it makes it possible to quickly and automatically produce models that can analyze bigger, more complex data and deliver faster, more accurate results.

security information and event management

A system that supports threat detection, compliance and security incident management through the collection and analysis (both near real time and historical) of security events, as well as a wide variety of other event and contextual data sources.

In-memory analytics

Analyzing data from system memory (instead of hard disk drive) to derive immediate insights from data and act on them quickly.

1. Rapid detection and response 2. Compliance

Benefits of security analytics?

Volume, variety, velocity, veracity, value, variability

What are the characteristics of Big Data?

D

Data sources for security analytics include all of the following except ___. A. Real-time alerts from workstations and servers. B. Network traffic data. C. Threat intelligence feeds D. Financial statements

Data mining and text mining

It examines large amounts of data/text to discover patterns in the data/text.

C

The benefits of security analytics include all of the following except ____. A. Rapid detection and response to attacks. B. Fix instances of potential non-compliance. C. Help a company to be exempted from compliance requirements. D. Provide proof of compliance

Variability

The characteristic of the changing formats, structure, or sources of big data.

1. Behavioral analytics 2. Network analysis and visibility (NAV) 3. Security orchestration, automation, and response (SOAR) system 4. Forensics 5. External threat intelligence

What are security analytics technologies?

Volume

The quantity of generated and stored data; usually larger than terabytes and petabytes.

Velocity

The speed at which the data is generated and processed; often in real-time.

Veracity

The truthfulness or reliability of the data.

Variety

The type and nature of the data; including structured, semi-structured and unstructured data.

Value

The worth in information that can be achieved.

Identify anomalies in how a system or device is behaving.

What anomaly is this example identifying? An employee's device could be used as a Trojan horse. This can be stopped by using BDA to analyze usage data.

Identify anomalies in employee and contractor behavior.

What anomaly is this example identifying? Identify anomalies in employee and contractor behavior. When an employee attempts to download large amounts of data, BDA can detect and stop it.

Analyze data to assess network vulnerabilities and risks.

What anomaly is this example identifying? This allows organizations to eliminate serious potential sources of risk, especially when dealing with customer-identifying information.

Identify anomalies in the network such as new threats without known signatures.

What anomaly is this example identifying? By looking at many different data attributes, BDA can understand the nature of various attacks.

- Real-time alerts from workstations, servers, sensors, mobile devices, and other endpoints
- Real-time feeds from other IT security applications (firewalls, intrusion prevention, endpoint detection and response, etc.)
- Network traffic volume and types
- Server logs
- Third-party threat intelligence feeds

What are the data sources of security analytics?

Data management and visualization; data mining and text mining; in-memory analytics; predictive analytics; natural language processing; machine learning

What are the enabling technologies of BDA?

1. It becomes nearly impossible to achieve anonymity 2. It may make data masking irrelevant 3. BDA is not always accurate 4. Obstruction of privacy may happen due to data breaches 5. May cause automated discrimination 6. May be used in unethical ways 7. Big Data will exist forever

What are the privacy concerns about BDA?

C

Which of the following statements about Big Data Analytics is correct? A. Result of Big Data Analytics is always accurate B. Big Data Analytics helps avoid discrimination. C. It is almost impossible to achieve anonymity in Big Data Analytics. D. All of the above are correct.

Security analytics

A combination of software, algorithms, and analytic processes used to detect potential threats to IT systems.

Big Data Analytics

Examines large amounts of data to uncover hidden patterns, correlations and other insights.

