Exam 200-201 Topic 3 Question 260 Discussion

Actual exam question for Cisco's 200-201 exam
Question #: 260
Topic #: 3

What is a difference between SIEM and SOAR?

A. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation. B. SlEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response. C. SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation. D. SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.

Suggested Answer: B Vote an answer

SIEM (Security Information and Event Management) systems are solutions that provide real-time analysis of security alerts generated by applications and network hardware. They collect, store, analyze, and report on log data for incident response, forensics, and regulatory compliance. On the other hand, SOAR (Security Orchestration Automation and Response) platforms allow organizations to collect data about security threats from multiple sources and respond to low-level security events without human assistance. References: Cisco Cybersecurity Operations Fundamentals

by Bertram at Mar 05, 2025, 05:09 AM

Limited Time Offer

15%

Off

Get Premium 200-201 Questions as Interactive Self Test Engine or PDF

Comments

0 Happy Clients

0 Shares

0 Demo Downloads

10 Years in Business