security monitoring

Question: 1

The position that I would staff in a SOC include maintenance of the security monitoring tools and investigation of suspicious activities. These will ensure that the system is effectively secured. Tool will be updated on a regular basis. These will be duties of security engineer (Stern, 2017). The tools to be deployed in the SOC include intrusion prevention and detection systems to help in analyzing network traffic for any presence of signatures that may be similar to known cyberattacks. The second tool is Endpoint Protection Systems to protect the enterprise endpoints in the network in case it is accessed through remote devices like laptops or other wireless device.  The third too is firewall which is necessary to block unwanted traffics and whitelist only the specific ports and hosts needed (Arimatsu, Yano & Takahashi, 2018). The incident response plan (IRP) to be implemented for when a breach occurs will include the scope of the activities, the steps needed for the responses, the application of security tools, and an intrusion checklist and documentation for the lesson learnt.

References

Stern, A. (2017).Understanding the SOC Team Roles And Responsibilities. Retrieved from https://www.siemplify.co/blog/understanding-the-soc-team-roles-and-responsibilities/

Answer:

I want 150 words explanation on above paragraph. you must include at least two citations and 2 references., your sentence must be start from, I like your post, I would like to add some more details on your discussion.

Question:2  

A security operations center (SOC) is a very important department in any organization. A security operations center at the New York Stock Exchange is very crucial especially in ensuring there is enough cybersecurity. There are different positions that I would staff in a security operations center and one of them is a security analyst whose role is to detect threats, investigate them, and respond to them on time. The other staff to incorporate is the security engineer who is responsible for maintaining tools, updating systems and recommending new tools to be used in security (Amos, 2017). The security manager is another staff who is in charge of every operation concerning the security of the New York Stock Exchange. The chief information security officer is another staff whose responsibility is to define and outline the New York Stock Exchange security operations.

There are different tools I would deploy in the SOC which include asset discovery which is used in capturing accurate real-time data in the company’s premises and cloud environment. Vulnerability assessment is another tool that helps in detecting tiny cracks that attackers use to infiltrate critical systems of the company. The behavioral monitoring tool is another SOC tool that is necessary for showing activities that rare exception to the norm (Amy, 2019). The response plan (IRP) that I would implement when a breach occurs includes seven stages. The first one is the preparation that is being prepared for the worst. The next stage is identifying the actual incident and the next stage is containing the problem. After that, an investigation is done to understand what happened to the system. The next step is eradicating the issue and later recovery is done where the company gets back to normal and lastly a follow-up is done where some questions are answered to ensure the process is enough and effective.

Answer:

I want 150 words explanation on above paragraph. you must include at least two citations and 2 references., your sentence must be start from, I like your post, I would like to add some more details on your discussion.