Lecture 2 Flashcards

Developing a Security Operations Center

1
Q

What are the initial steps in developing a SOC?

A

Creating a new practice or enhancing an existing one, and defining high-level SOC development concepts.

2
Q

What is the purpose of a mission statement for a SOC?

A

To provide a concise explanation of the SOC’s core purpose and values, aligning with the organization’s mission.

3
Q

What should be included in a SOC scope statement?

A

Locations and networks, ownership, SOC objectives, technologies and services, and specifics on service availability.

4
Q

Why is it important to develop SOC procedures?

A

To provide detailed, step-by-step instructions on how services are executed by the SOC.

5
Q

What are common SOC procedures?

A

Monitoring, Alerting, Escalation, Investigation, Incident logging, Compliance, Reporting, and Remediation.

6
Q

Why is redundancy planning important in a SOC?

A

To ensure continuous operation of critical services and systems in the event of failures.

7
Q

What are the physical requirements for SOC capacity planning?

A

Location(s) for hosting SOC employees and technology, power requirements, space for equipment, and physical security considerations.

8
Q

What are the technical requirements for SOC capacity planning?

A

Network throughput, types of technology, monitors, and other technical needs.

9
Q

What factors should be considered in SOC resource planning?

A

Cost savings, leveraging other teams’ resources, budget discussions, and consolidation of existing hardware.

10
Q

What are the goals of SOC goal alignment?

A

To reflect the number of required roles, expected skill sets, process enforcement, and technology to support SOC services.

11
Q

What is the importance of SOC maturity goals?

A

To plan for future SOC development regarding people, process, and technology.

12
Q

Why is growth planning important for a SOC?

A

To account for required hardware, number of employees, collaboration, and other factors needed to deliver SOC services at the desired maturity level.

13
Q

How should SOC technology planning be approached?

A

By meeting with vendors and service partners to future-proof equipment and verify all hardware and connectivity requirements.

14
Q

What is the purpose of SOC redundancy planning?

A

To develop strategies for backup systems based on the SOC’s risk appetite and ensure high-importance services have active redundancy.

15
Q

What should be considered when choosing the location for a SOC?

A

Proximity to the network operations center, accessibility to essential resources, fire prevention strategy, and data sovereignty requirements.
