Chapter 12

Challenges in the Security Operations Center (SOC)

This chapter covers the following topics:

Security Monitoring Challenges in the SOC

Additional Evasion and Obfuscation Techniques

There are several security monitoring operational challenges, including encryption, Network Address Translation (NAT), time synchronization, Tor, and peer-to-peer communications. This chapter covers these operational challenges in detail. Attackers try to abuse system and network vulnerabilities to accomplish something; however, there is another element that can make or break the success of the attack. Attackers need to be stealthy and be able to evade security techniques and technologies. Attackers must consider the amount of exposure an attack may cause ...

Get Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide now with O’Reilly online learning.
