John, a SOC analyst, is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM with a graph that identifies the locations from which the Tor traffic is coming. Which of the following data sources will he use to prepare the dashboard?

Last Updated on August 1, 2021 by Admin 1

John, a SOC analyst, is worried about the amount of Tor traffic hitting the network. He wants to prepare a dashboard in the SIEM with a graph that identifies the locations from which the Tor traffic is coming.

Which of the following data sources will he use to prepare the dashboard?

  • DHCP/Logs capable of maintaining IP addresses or hostnames with IPtoName resolution.
  • IIS/Web Server logs with IP addresses and user agent IPtouseragent resolution.
  • DNS/Web Server logs with IP addresses.
  • Apache/Web Server logs with IP addresses and Host Name.