SECOPS 11: SOC Metrics Flashcards Preview

Flashcards in SECOPS 11: SOC Metrics Deck (7)
1

SIEM Functions

Collection
Normalization
Correlation
Dedupe
Reporting tools

2

TTD

Time to Detection

3

TTD Defined

Time between malicious event on endpoint and detection

4

Components of dwell time (3)

Event
Event Analysis (Triage)
Report time

5

Contain time (1)

Contain

6

Business Impact (2)

Contain
Remediate

7

TTD aka

Dwell time