3

Designing a Security Operations Strategy

The previous chapter discussed the design and framework for security architecture and controls based on technical and business goals. This chapter discusses how to design and evaluate a strategy for security operations. This includes the design of logging and auditing across public, hybrid, and multi-cloud infrastructures to utilize SIEM and SOAR solutions. Once you have completed this chapter, you will be able to design a strategy for security operations and evaluate workflows and the incident management life cycle.

In this chapter, we are going to cover the following main topics:

  • Designing a logging and auditing strategy to support security operations
  • Developing security operations to support a ...
