CISSP · Question #1426
The Chief Information Security Officer (CISO) of a small organization is making a case for building a security operations center (SOC). While debating between an in-house, fully outsourced, or a hybri
The correct answer is D. Scope and service catalog. The main consideration for building a security operations center (SOC), regardless of the model, is the scope and service catalog. The scope and service catalog define the objectives, functions, and deliverables of the SOC, such as monitoring, detection, analysis, response, and r
Question
Options
- ASkill set and training
- BHeadcount and capacity
- CTools and technologies
- DScope and service catalog
How the community answered
(32 responses)- A13% (4)
- B6% (2)
- C3% (1)
- D78% (25)
Explanation
The main consideration for building a security operations center (SOC), regardless of the model, is the scope and service catalog. The scope and service catalog define the objectives, functions, and deliverables of the SOC, such as monitoring, detection, analysis, response, and reporting of security incidents and events. The scope and service catalog also specify the roles and responsibilities, processes and procedures, standards and metrics, and tools and technologies that the SOC will use to perform its tasks. The scope and service catalog should align with the organization's security policies and strategies, and meet the expectations and requirements of the stakeholders and customers. The scope and service catalog should also be flexible and scalable, to adapt to the changing security landscape and threats. The other considerations, such as skill set and training, headcount and capacity, and tools and technologies, are important, but they depend on the scope and service catalog of the SOC.
Topics
Community Discussion
No community discussion yet for this question.