The SOC for a large MSSP is meeting to discuss the lessons learned from a recent incident that took much too
long to resolve. This type of incident has become more common in recent weeks and is consuming large
amounts of the analysts' time due to manual tasks being performed. Which of the following solutions should the
SOC consider to BEST improve its response time?
A. Configure a NIDS appliance using a Switched Port Analyzer.
B. Collect OSINT and catalog the artifacts in a central repository.
C. Implement a SOAR with customizable playbooks.
D. Install a SIEM with community-driven threat intelligence.
long to resolve. This type of incident has become more common in recent weeks and is consuming large
amounts of the analysts' time due to manual tasks being performed. Which of the following solutions should the
SOC consider to BEST improve its response time?
A. Configure a NIDS appliance using a Switched Port Analyzer.
B. Collect OSINT and catalog the artifacts in a central repository.
C. Implement a SOAR with customizable playbooks.
D. Install a SIEM with community-driven threat intelligence.