Facilities

The facilities in which a team will operate are another consideration that must be taken into account when determining the number of resources needed to staff a team. The monitoring of devices such as intrusion detection systems is normally accomplished in an area that is referred to as a security operations center (SOC). The security functions may also be incorporated into the network operations center (NOC). The main difference between these two types of operations centers is the focus of the activity. As the name implies, the focal point of operations in an SOC is computer security, featuring activities such as monitoring and managing firewalls and intrusion detection systems. The focus of the activity in an NOC is network operations—ensuring ...
