One is "high" IDS and the other is "normal"

One is "host" IDS and the other is "normal"

One is "homogeneous" IDS and the other is "network"

They are the same thing

None of the above

Difficulty in keeping the lists readable

Difficulty in managing more than one list

Behavioral anomalies

Variants

All of the above

A SIEM will not work with proper crypto

SIEM security requires network tunnels

SIEMS always require SOCs

SOCs typically use SIEMS

All the above

Perimeter protection works great on enterprise networks

Perimeter protection works poorly on enterprise networks

Perimeters work unless mobility is present

Cloud requires perimeter protection

All of the above

It is a mandatory requirement in most compliance frameworks

It requires 24 by 7 operation

It is already done in other parts of the enterprise

It reduces response cycle times

None of the above

IDS = IPS

SIEM = SOC

IDS is implied by IPS

SOC is implied by SIEM

All of the above

Increased application-level authentication of the client

Running a scan on the web server for vulnerabilities

Implementing improved auditing on both the client and server

None of the above.