@@ -296,6 +296,12 @@ For each SIEM system placed on the market, the manufacturer shall develop a thre
* EXP-2 Other kinds of secure network?
* EXP-3 Dubious network/public internet
<mark>
1. Interfaces or sources that are just used
2. CM clients that are trusted
3. Carbage from authrized sources
</mark>
#### 4.5.1.3 Skill Level of SIEM Adminsitrator
**[ADM]**: The manufacturer shall consider if a SIEM products is designed to be administered by cybersecurity specialists or IT generalists. Mitigations and requirements may vary depending on the skill and availability of the administrator.
@@ -303,7 +309,9 @@ For each SIEM system placed on the market, the manufacturer shall develop a thre
* ADM-1 Part time security specialist administrator
* ADM-2 IT generalist adminsitraor (full or part time)
#### 4.5.1.4 SIEM System Isolation
<mark>How well the admin knows the company?</mark>
#### 4.5.1.4 SIEM System Deployment Isolation
**[ISO]**
* ISO-0 SIEM system is hosted and managed on dedicated server or servers
