1. Demo Question title hare?
- A. SOC Manager
- B. Tier 2 personnel
- C. Tier 3 personnel
- D. Tier 1 personnel
In a SOC, the job of a Tier 1 Alert Analyst includes monitoring incoming alerts and verifying that a true security incident has occurred.
2. Demo Question title hare?
- A. The SOC manager to ask for other personnel to be assigned
- B. An alert analyst for further analysis
- C. A SME for further investigation
- D. A cyberoperations analyst for help
An incident responder is a Tier 2 security professional in a SOC. If the responder cannot resolve the incident ticket, the incident ticket should be escalated to the next tier support, a Tier 3. A Tier 3 SME would further investigate the incident.