SOC: (Security Operation Center)
The primary function of the NOC is to establish and maintain the health
and wellness of an organization’s infrastructure. A NOC concentrates
on keeping the network running while a SOC manages security events
to protect the network.
The SOC must be able to validate and correlate alerts and information,
put these events in context with the organization’s network
environment and provide this critical intelligence to key staff in real
time or near real time via various alerting mechanisms such as emails,
pagers, or trouble ticketing.
Responsibility:
- Source address.
- Destination address.
- Network protocol.
- Service protocol.
- Traffic log.
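The validate, correlate and contextualize steps described above, as an added example that is not part of the original notes. The asset inventory, the sample alerts, the five-minute window and the priority rules are all constructed assumptions.

```python
from datetime import datetime, timedelta

ASSETS = {  # constructed inventory: destination address -> (name, criticality)
    "10.0.5.10": ("db-server", "critical"),
    "10.0.8.44": ("lobby-kiosk", "low"),
}

ALERTS = [  # constructed sample alerts carrying the fields listed above
    {"time": "2024-01-01T10:00:05", "sensor": "ids", "src": "203.0.113.7", "dst": "10.0.5.10", "net": "tcp", "svc": "ssh"},
    {"time": "2024-01-01T10:01:30", "sensor": "firewall", "src": "203.0.113.7", "dst": "10.0.5.10", "net": "tcp", "svc": "ssh"},
    {"time": "2024-01-01T10:02:00", "sensor": "ids", "src": "198.51.100.9", "dst": "10.0.8.44", "net": "udp", "svc": "dns"},
    {"time": "2024-01-01T11:30:00", "sensor": "ids", "src": "203.0.113.7", "dst": "10.0.5.10", "net": "tcp", "svc": "ssh"},
]

def correlate(alerts, assets, window=timedelta(minutes=5)):
    """Merge alerts sharing (src, dst, net, svc) within `window`, then add asset context."""
    incidents, open_by_key = [], {}
    for a in sorted(alerts, key=lambda x: x["time"]):
        ts = datetime.fromisoformat(a["time"])
        key = (a["src"], a["dst"], a["net"], a["svc"])
        inc = open_by_key.get(key)
        if inc is None or ts - inc["first_seen"] > window:
            # New incident: look up the destination in the inventory for context.
            name, crit = assets.get(a["dst"], ("unknown", "unknown"))
            inc = {"key": key, "first_seen": ts, "sensors": set(), "count": 0,
                   "asset": name, "criticality": crit}
            incidents.append(inc)
            open_by_key[key] = inc
        inc["sensors"].add(a["sensor"])
        inc["count"] += 1
    for inc in incidents:
        validated = len(inc["sensors"]) >= 2  # reported by two independent sources
        critical = inc["criticality"] == "critical"
        inc["validated"] = validated
        inc["priority"] = ("high" if validated and critical
                           else "medium" if validated or critical else "low")
    return incidents

def notify(incident):
    """Format the message an e-mail or ticketing hook would send (delivery not shown)."""
    src, dst, net, svc = incident["key"]
    return (f"[{incident['priority'].upper()}] {src} -> {dst} ({incident['asset']}) "
            f"{net}/{svc}, {incident['count']} alerts from {sorted(incident['sensors'])}")

if __name__ == "__main__":
    for inc in correlate(ALERTS, ASSETS):
        print(notify(inc))
```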
Configuration management may be performed remotely
(remote configuration management)
• Reporting
• Security Alert
• Security assessment
These functions comprise the Security Assessment:
- Vulnerability assessment
- Penetration test
o Vulnerability assessment:
• Technical assistance