Sound the Alarm: Detection and Response | Weekly challenge 1 Quiz |
What is the difference between a security information and event management (SIEM) tool and a security orchestration, automation, and response (SOAR) tool?
- SIEM tools and SOAR tools have the same capabilities.
- SIEM tools collect and analyze log data, which are then reviewed by security analysts. SOAR tools use automation to respond to security incidents.
- SIEM tools use automation to respond to security incidents. SOAR tools collect and analyze log data, which are then reviewed by security analysts.
- SIEM tools are used for case management while SOAR tools collect, analyze, and report on log data.