{"id":3092,"date":"2023-02-20T03:00:47","date_gmt":"2023-02-20T03:00:47","guid":{"rendered":"https:\/\/www.goodacademic.com\/blog\/questions\/siem-research-and-recommendation-project-t01b\/"},"modified":"2023-02-20T03:00:47","modified_gmt":"2023-02-20T03:00:47","slug":"siem-research-and-recommendation-project-t01b","status":"publish","type":"questions","link":"https:\/\/www.goodacademic.com\/blog\/questions\/siem-research-and-recommendation-project-t01b\/","title":{"rendered":"SIEM Research and Recommendation Project (T01B)"},"content":{"rendered":"<div class=\"col-sm-12 messageContent\">\n<p><b>Learning Goal: <\/b>I&#8217;m working on a cyber security question and need guidance to help me learn.<\/p>\n<p>MEMORANDUM<\/p>\n<p>To: Security Analyst<\/p>\n<p>From: CISO<\/p>\n<p>Subject: Security Information and Event Management at the company<\/p>\n<p>The Senior IT and Security management team was recently convened to discuss a number of issues. Among those issues was the future utility of a more coherent and complete approach to security log data, the usefulness of that data, and whether or not a Security Event and Incident Management program might be of value at our company.<\/p>\n<p>Your assignment is to gain some further insight into the technology and then make a recommendation regarding how we might deploy and use a SIEM program and its related tools.<\/p>\n<p>Please begin by performing a complete policy review for all enterprise and issue-specific policies that currently exist in our organization which might impact, influence, or affect the use of a SIEM toolset here.<\/p>\n<p>Next, explore the knowledge domain of SIEM by reading supplementary information and using resources you have been provided including online instruction and demonstrations. You have also been asked to write a short SIEM experience report. 
You can perform any other research you care to add for your own insight and may care to download, install and use the indicated tool.<\/p>\n<p>You may assume that the recent network security improvements (both to the organizational policy environment and the upgrades to the network security program) have been completed.<\/p>\n<p>It is my opinion that SIEM is a viable option for our organization. Please use your augmented knowledge of SIEM and your understanding of the company&#8217;s environment to prepare a proposal for SIEM deployment here. Please see the provided template for the proposal. Be sure to complete all sections of the proposal.<\/p>\n<p>Your report back to me should include:<\/p>\n<ul>\n<li>A cover memorandum that transmits the report and also includes an executive summary of the entire report.<\/li>\n<li>The report:\n<ul>\n<li>A brief statement of the current policy environment as it applies to SIEM at the firm.<\/li>\n<li>A set of recommendations for any needed changes to policy (enterprise, issue-specific, or system-specific) within the company to make it possible for SIEM to be used to best effect.<\/li>\n<li>Careful consideration of the feature set that should be available in any SIEM system adopted here so that it has the ability to meet the organization&#8217;s needs.<\/li>\n<li>A proposal for a SIEM solution for the company using the template that has been provided to you.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Thank you in advance for your efforts on this project.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Learning Goal: I&#8217;m working on a cyber security question and need guidance to help me learn. MEMORANDUM To: Security Analyst From: CISO Subject: Security Information and Event Management at the company The Senior IT and Security management team was recently convened to discuss a number of issues. 
Among those issues was the future utility of [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":[],"disciplines":[718],"paper_types":[],"tagged":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/3092"}],"collection":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions"}],"about":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/types\/questions"}],"author":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/comments?post=3092"}],"version-history":[{"count":0,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/questions\/3092\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/media?parent=3092"}],"wp:term":[{"taxonomy":"disciplines","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/disciplines?post=3092"},{"taxonomy":"paper_types","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/paper_types?post=3092"},{"taxonomy":"tagged","embeddable":true,"href":"https:\/\/www.goodacademic.com\/blog\/wp-json\/wp\/v2\/tagged?post=3092"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}