Junior
Q4 / 5
Incident Detection & Response
An analyst receives 200 alerts per day but only 3 are real threats. What problem does this illustrate?
A. False negative overload: the SIEM is missing too many real attacks
B. Alert fatigue caused by a high false positive rate: analysts risk missing real threats
C. Insufficient log sources: the SIEM needs more data inputs
D. Poor incident response process: the team is not closing alerts fast enough