Security Operations Essentials Flashcards
Terms in this set
- Patching: Applying updates to fix vulnerabilities and bugs, or to add features.
- Hardening: Reducing attack surface by removing unneeded services, accounts, and features.
- Logging: Recording events from systems, applications, and network devices for monitoring and forensics.
- Monitoring: Continuous observation of systems, networks, and identities for signs of compromise or misuse.
- SIEM: Security Information and Event Management — centralizes log collection, correlation, and alerting.
- SOAR: Security Orchestration, Automation, and Response — automates and connects security tools and workflows.
- Dashboard: A visual summary of security signals — alerts, metrics, threats — used by analysts and leaders.
- Retention: How long data — especially logs — is kept before being archived or destroyed.
- DLP: Data Loss Prevention — detects and blocks sensitive data from leaving the organization.
- Triage: Initial sorting of alerts or incidents by severity and impact to focus response.
- Playbook: A step-by-step procedure that responders follow for a specific incident type.