By using data normalization duplicate data is removed and the overal memory/storage impact is reduced. This will make the data actionable. It's debatable if it really helps with the integrity of the data, but you could argue by removing the duplicates the data can be matched better with timestamps from other data sources in a forensic investigation.
So answer B is correct
"B" is correct
Data normalization is the process of capturing, storing, and analyzing data (security-related events, in this case) so that it exists in only one form. One of the main goals of data normalization is to purge redundant data while maintaining data integrity. The normalized data is protected by making sure that any manifestation of the same data elsewhere is only making a reference to the data that is being stored.
Intrusion prevention systems (IPSs) focus on throughput for the most rapid and optimal inline performance. While doing so, in most cases, it is impossible for full normalization to take place. Traditional IPS devices often rely on shortcuts that only implement partial normalization and partial inspection. However, this increases the risk of evasions. Fragmentation handling is an example of such an evasion.
Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
By Omar Santos
B is correct
Intrusion prevention systems (IPSs) focus on throughput for the most rapid and optimal inline performance. While doing so, in most cases, it is impossible for full normalization to take place. Traditional IPS devices often rely on shortcuts that only implement partial
normalization and partial inspection
The correct answer is B. Data normalization.
Data normalization is the process of organizing data in a database so that it is consistent and easily manageable. In the context of IPS events, data normalization refers to the process of removing redundant or unnecessary data to improve data integrity. By removing duplicates or inconsistent data, it ensures that the data stored is accurate and up-to-date.
The other options are incorrect because they do not accurately describe the process of removing IPS events to improve data integrity:
A. Data availability refers to the ability to access and retrieve data when it is needed.
C. Data signature refers to a unique identifier that is attached to data to verify its authenticity and integrity.
D. Data protection refers to the measures taken to secure and protect data from unauthorized access or loss.
So, the correct answer is B. Data normalization.
This section is not available anymore. Please use the main Exam Page.200-201 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Leo_Visser
Highly Voted 3 years, 11 months agoafifulinuha
3 years, 8 months agoanonymous1966
Highly Voted 7 months, 2 weeks agoRolandoFiee
Most Recent 7 months, 2 weeks agodrdecker100
7 months, 2 weeks agokenprewitt
11 months agomsg01
1 year, 5 months agoPrettyMs
1 year, 6 months agoWISDOM2080
1 year, 8 months agoUzumaki_Aliyy
2 years, 9 months agohalamah
3 years, 6 months ago