An organization wants to ensure that their SIEM system is optimized for quick detection and analysis of security incidents. What is the BEST approach to achieve this goal?
Increase the storage capacity to accommodate more log data.
Invest in a faster processing server to handle an increased volume of security data.
Generate scheduled reports for manual review every 24 hours.
Enable event correlation rules to identify related activities across multiple log sources.
|Incident Response and Management
|Reporting and Communication