THM Security Operations - grunt92/IT-Sec-WriteUps GitHub Wiki
Introduction to Security Operations
What does SOC stand for?
Security Operation Center
How many hours a day does the SOC monitor the network?
24
Elements of Security Operations
What does NSM stand for?
Network security monitoring
Practical Example of SOC
Add the necessary firewall rules to block the ongoing attack. What is the flag that you have received after successfully stopping the attack?
Select the IP of the device sending red packets as the "Source IP", the server's IP as the "Destination IP", port 80 as the port, and "DROP" as the action, then click the "Add Rule" button. After a short while, the traffic to the destination is reduced to a minimum and you get the flag.
THM{ATTACK_BLOCKED}