Which three processes and workflows often fall under the responsibilities of a SOC? (Choose three.)

The three processes and workflows that often fall under the responsibilities of a SOC (Security Operations Center) are:

1. Cybersecurity incident management: SOC is responsible for detecting, triaging, investigating, and responding to security incidents within an organization. This includes handling incidents such as data breaches, malware infections, and other security threats.
2. Threat intelligence and hunting: SOC teams actively gather and analyze threat intelligence to proactively identify and hunt for potential security threats. They seek to uncover threats that may not be detected by traditional security controls.
3. Governance and compliance management: SOC plays a role in ensuring that an organization adheres to governance, risk, and compliance (GRC) requirements. They monitor and report on security compliance and help maintain a strong security posture to meet regulatory and industry standards.

The other options, such as end-user passwords change management and business applications software life-cycle management, are typically outside the direct scope of the SOC’s responsibilities. These may be managed by other IT or security teams within the organization.