What is the main role of a Security Operations Center (SOC)?
The SOC is responsible for continuous monitoring and analysis of an organization's security posture.
What does a SIEM system do?
A SIEM system aggregates and analyzes log data for threat detection and response.
What is the purpose of log correlation in security monitoring?
Log correlation helps identify relationships between multiple events to detect threats.
Which metric represents the average time taken to detect a security incident?
Mean Time to Detect (MTTD) measures the average time to identify threats after they occur.
Why is continuous monitoring essential in cybersecurity?
It enables real-time visibility and rapid response to security threats.
What is alert fatigue in security operations?
Alert fatigue occurs when analysts are overwhelmed with alerts, increasing the risk of missing real threats.
Loading Questions...
What is the purpose of a security dashboard?
Dashboards offer visual representations of system security health and key performance metrics.
What should be the response when a security event is detected?
Prompt investigation and mitigation help minimize damage from security events.
Which team handles alerts and threat mitigation in real-time?
The SOC team specializes in real-time security event handling and incident response.