6. Operations

Monitoring — Quiz

Test your understanding of monitoring with 5 practice questions.

Practice Questions

Question 1

What is the primary benefit of normalizing log data in a SIEM system?

Question 2

In a detection rule that triggers when network traffic from a host exceeds its baseline by 120% within a 10-minute window, which type of rule is implemented?

Question 3

A SIEM ingests logs at a rate of 500 MB per hour and retains them for 90 days. How much raw storage (in GB) is required? Show your calculation.

Question 4

A detection rule originally generated 400 false positives per week. After tuning, false positives are reduced to 25% of the original value. How many false positives remain? Show your calculation.

Question 5

Which of the following is considered a leading metric in cybersecurity monitoring?