Challenges in the Security Operations Center (SOC)
This chapter covers the following topics:
Security monitoring faces several operational challenges, including encryption, Network Address Translation (NAT), time synchronization, Tor, and peer-to-peer communications. This chapter covers these operational challenges in detail. Attackers try to abuse system and network vulnerabilities to accomplish something; however, there is another element that can make or break the success of the attack. Attackers need to be stealthy and able to evade security techniques and technologies. Attackers must consider the amount of exposure an attack may cause ...