Chapter 1 - Defining Security Operations Flashcards
The type of SOC which proactively hunts for malicious threats on the network.
Threat-Centric SOC
The type of SOC that is focused on comparing the network system to reference templates and standard system builds.
Compliance-Based SOC
The type of SOC that is focused on monitoring the current status of the organization's security posture.
Operational-Based SOC
Name the three types of SOCs.
Operational-Based, Compliance-Based, and Threat-Centric
Name the science of examining and deciphering raw data or data sets with the purpose of drawing conclusions.
Data Analytics
What type of log mining is reconstructing or following the network traffic flow?
Sequencing
What type of log mining is an interpretation of a chain of consecutive events that occur during a set period of time?
Path Analysis
What type of log mining is used to go through large amounts of log data to build profiles and to identify anomalous behaviour?
Log Clustering
What is a branch of digital forensics that relates to the monitoring and analysis of network traffic, with the purpose of evidence gathering or intrusion detection?
Network Forensics
Whose role is it to prioritize work and organize resources with the goal of detecting, investigating, and mitigating incidents that could impact the business?
SOC Manager