Kibana is an interactive dashboard interface to Elasticsearch data. It allows
querying of NSM data and provides flexible visualizations of that data. It provides data
exploration and machine learning data analysis features.
5. Which type of analysis relies on different methods to establish the likelihood that a security event
has happened or will happen?
Integrated into Security Onion, OSSEC is a host-based intrusion detection
system (HIDS) that can conduct file integrity monitoring, local log monitoring, system process
monitoring, and rootkit detection.
8. What are three analysis tools that are integrated into Security Onion? (Choose three.)
Wazuh is a HIDS that will replace OSSEC in Security Onion. It is a full-featured
solution that provides a broad spectrum of endpoint protection mechanisms including host logfile
analysis, file integrity monitoring, vulnerability detection, configuration assessment, and incident
11. Which tool would an analyst use to start a workflow investigation?