nerdexam
(ISC)2

CISSP · Question #1426

The Chief Information Security Officer (CISO) of a small organization is making a case for building a security operations center (SOC). While debating between an in-house, fully outsourced, or a hybri

The correct answer is D. Scope and service catalog. The main consideration for building a security operations center (SOC), regardless of the model, is the scope and service catalog. The scope and service catalog define the objectives, functions, and deliverables of the SOC, such as monitoring, detection, analysis, response, and r

Submitted by haru.x· Mar 5, 2026Security Operations

Question

The Chief Information Security Officer (CISO) of a small organization is making a case for building a security operations center (SOC). While debating between an in-house, fully outsourced, or a hybrid capability, which of the following would be the MAIN consideration, regardless of the model?

Options

  • ASkill set and training
  • BHeadcount and capacity
  • CTools and technologies
  • DScope and service catalog

How the community answered

(32 responses)
  • A
    13% (4)
  • B
    6% (2)
  • C
    3% (1)
  • D
    78% (25)

Explanation

The main consideration for building a security operations center (SOC), regardless of the model, is the scope and service catalog. The scope and service catalog define the objectives, functions, and deliverables of the SOC, such as monitoring, detection, analysis, response, and reporting of security incidents and events. The scope and service catalog also specify the roles and responsibilities, processes and procedures, standards and metrics, and tools and technologies that the SOC will use to perform its tasks. The scope and service catalog should align with the organization's security policies and strategies, and meet the expectations and requirements of the stakeholders and customers. The scope and service catalog should also be flexible and scalable, to adapt to the changing security landscape and threats. The other considerations, such as skill set and training, headcount and capacity, and tools and technologies, are important, but they depend on the scope and service catalog of the SOC.

Topics

#SOC planning#security operations#service catalog

Community Discussion

No community discussion yet for this question.

Full CISSP Practice