2.1.9 Check Your Understanding – Identify the SOC Terminology Answers

1. Which SOC job role manages all the resources of the SOC and serves as a point of contact for the larger organization or customer?

  • SME/Threat Hunter
  • SOC Manager
  • Cybersecurity Analyst
  • Incident Responder

Explanation: The SOC manager oversees the operation of the SOC and is the point of contact for internal and external customers.

2. Which SOC job role processes security alerts and forwards tickets to Tier 2 if necessary?

  • SME/Threat Hunter
  • SOC Manager
  • Cybersecurity Analyst
  • Incident Responder

Explanation: Cybersecurity Analysts are on the frontline of the SOC. They analyze alerts and determine whether security issues should be escalated to Tier 2 for in-depth analysis.

3. Which SOC job role is responsible for deep investigation of incidents?

  • SME/Threat Hunter
  • SOC Manager
  • Cybersecurity Analyst
  • Incident Responder

Explanation: Incident responders are professionals responsible for deep investigation of incidents and advising remediation or actions to be taken.

4. Which device integrates security information and event management into a single platform?

  • SIEM
  • SOAR
  • Threat Hunter

Explanation: SIEMs integrate security data and events into a single platform from which investigations can be conducted.

5. Which device integrates orchestration tools and resources to automatically respond to security events?

  • SIEM
  • SOAR
  • Threat Hunter

Explanation: SOAR enhances SIEM by orchestrating diverse tools and resources into a single platform and providing automated response to security events.
