Which of the following solutions should the SOC consider to BEST improve its response time?

The SOC for a large MSSP is meeting to discuss the lessons learned from a recent incident that took much too long to resolve. This type of incident has become more common in recent weeks and is consuming large amounts of the analysts' time due to manual tasks being performed.

Which of the following solutions should the SOC consider to BEST improve its response time?
A. Configure a NIDS appliance using a Switched Port Analyzer
B. Collect OSINT and catalog the artifacts in a central repository
C. Implement a SOAR with customizable playbooks
D. Install a SIEM with community-driven threat intelligence

Answer: C

Explanation:

SOAR (Security Orchestration, Automation, and Response) can use either a playbook or a runbook. It assists in collecting threat-related data from a range of sources and automates responses to low-level threats, which frees up some of the CSIRT's time.
