i have attached 4 files.
STUDENT USE ONLY Copyright 2020, Ervin Frenzel Student:(LastName)_____________________(FirstName)_______________ Class______________________Section______________Semester:_______________\ ____ Week:________________Project: ___________________________________ Copyright 2020, Ervin Frenzel Instructions: For identifying SIEM/Security pr oducts: Identify and rank 10 components (data sets or logs) that can be imported to a SIEM - rank them upon, do this with 2 separate SIEM products (LogRythm, Splunk, QRadar, ArcSight, AlienVault, NuSiem, Dell SecureWorks, Rapid 7) Rank according to Application Programming Interface (API): API rating "0" - Data integration is not possible with non - proprietary data sets API rating "1" - manual retrieval of information API rating "2" - We can produce API API rating "3" - Community will produce API API rating "4" - Organization will produce and deploy API API rating "5" - Existing API produced and backed by Vendor For Cost Associations (Highest cost to Lowest cost): 1 – ________________ to _________________ (example over $50,000) 2 – ________________ to _________________ (example $40,000 to $49,999) 3 – ________________ to _________________ (example $25,000 to $39,999) 4 – ________________ to _________________ (example $10,000 to $24,999) 5 – ________________ to __________ _______ (example under $9,999) For Identifying Indicators of Compromise (IoC): Rank according to : 1 – N o association (validated or confirmed ) 2 – S uspected not association 3 – A ssociation unknown (status unknown) 4 – S uspected association 5 – Association confirmed (validated or confirmed)
