The Chief Information Security Officer (CISO) has just returned from attending a security conference and now wants to implement a Security Operations Center (SOC) to improve and coordinate the detection of unauthorized access to the enterprise. The CISO’s biggest concern is the increased number of attacks that the current infrastructure cannot detect.
Which of the following is MOST likely to be used in a SOC to address the CISO’s concerns?
A . DLP, Analytics, SIEM, Forensics, NIPS, HIPS, WIPS and eGRC
B . Forensics, White box testing, Log correlation, HIDS, and SSO
C . Vulnerability assessments, NIDP, HIDS, SCAP, Analytics and SIEM
D . eGRC, WIPS, Federated ID, Network enumerator, NIPS and Port Scanners
Answer: A