You work as a SOC architect/designer and are asked to perform a technical interview for an organization interested in creating a dedicated SOC. Which of the following questions is irrelevant?
- Does your company require dedicated SOC monitoring and reporting year-round, 24 hours a day, seven days a week?
- Does your company have the required cybersecurity talent to support a dedicated SOC?
- Do you do have offices in countries where state-sponsored attacks have been reported?
- Does your risk analysis justify the high cost of a dedicated SOC?
| Explanation & Hint:
The question that is irrelevant to the technical interview for creating a dedicated SOC is: Do you do have offices in countries where state-sponsored attacks have been reported? The location of the company’s offices in countries with reported state-sponsored attacks may be of interest from a geopolitical threat perspective, but it is not a critical technical consideration when discussing the implementation and design of a dedicated SOC. The focus of a technical interview should be on the technical requirements, resources, and capabilities related to establishing and operating a SOC. The other questions address relevant aspects such as the need for continuous monitoring, available cybersecurity talent, and the cost-benefit analysis of a dedicated SOC. |