Case Study #4: Technology & Product Review for an SIEM Replacement

Case Scenario:
A client company has asked you to research and recommend a product which will allow them to upgrade or replace their first generation Security Information and Event Management (SIEM) product with a unified solution that combines real-time monitoring, threat analytics, and event management / reporting. The company currently relies upon host-based anti-virus applications, host-based firewalls, and firewall capabilities provided by the premises router to provide protection for its internal networks, servers, and workstations.

The IT Manager set up this security architecture and believes that it is sufficient for the firm’s needs. But, the firm’s insurance company has threatened a significant increase in its business insurance premiums if the company doesn’t implement stronger protection against network-based threats. The insurance company’s risk assessment also identified email attachments and uncontrolled web browsing as additional high risk areas, which need to be addressed and mitigated. The client wants a product that is comprehensive but doesn’t require a great deal of training before it can be used.

A quick Internet search revealed two product categories that fit this description:
Security Information and Event Management (SIEM)
Unified Threat Management (UTM)

Research:
1. Readings on SIEM and UTM products.
2. Choose one of the SIEM or UTM products from the Gartner Magic Quadrant analyses.
3. Research your chosen product using the vendor’s website and product information brochures. (Vendors for highly rated products will provide a copy of Gartner’s most recent Magic Quadrant report on their websites but, registration is required.)
4. Find three or more additional sources which provide reviews for (a) your chosen product or (b) general information about SIEM / UTM technologies and solutions.

Write:
Write a two to three page summary of your research. At a minimum, your summary must include the following:
1. An introduction or overview for the security technology category (SIEM or UTM, not both).
2. A review of the features, capabilities, and deficiencies for your selected vendor and product
3. Discussion of how the selected product could be used by your client to support its cybersecurity objectives by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc.
4. Address security issues using standard terms (e.g. 5 Pillars IA, 5 Pillars Information Security). See the resources listed under Course Resources > Cybersecurity Concepts Review for definitions and terminology.