SOAR vs. SIEM
If you’re exploring security solutions, then you’ve likely come across a related security tool with a similar-sounding acronym: security information and event management (SIEM). What is SIEM, and how does it differ from SOAR? When should one solution be used over the other?
While SOAR tools are primarily used to orchestrate and automate threat response, SIEM offers greater visibility into activity through threat detection, log management, incident analysis, and regulatory and standards compliance. This visibility is achieved by logging and consolidating multiple streams of data from across your network, providing a bird’s-eye view of your organization’s overall security landscape.
The two systems work best in tandem. SIEM collects and analyzes data, SOAR runs based on that data—forming a complete solution for risk detection, visibility, and response.
Answer: NO, NO, Yes
Playbook - Yes
Start when a new Microsoft Sentinel incident is created.
Send a message to your security operations channel in Microsoft Teams or Slack to make sure your security analysts are aware of the incident.
upvoted 4 times
BhavyaSangam
Highly Voted 1 year, 3 months ago
ukiki
Highly Voted 1 year, 3 months ago
cxze
Most Recent 10 months, 1 week ago
Nerd1408
1 year, 5 months ago