Cyber defense



Date: 09.12.2022
Cyber Defense Handbook
CYBER DEFENSE
GUIDELINES FOR THE DESIGN, PLANNING, IMPLEMENTATION AND DEVELOPMENT OF A MILITARY CYBER DEFENSE
Operational capabilities
337. The cyberspace force must have capabilities aimed at conducting defensive, exploitative, and offensive cyber operations, such as security information and event management (SIEM), operational intelligence, response, digital forensics and deployable cyber defense.
Security event management
338. Currently, several terms (NOC, SOC, CERT, CSIRT, CyOC) are used inconsistently to designate organizations with cybersecurity responsibilities, creating confusion and contradictory perceptions that hinder understanding and collaboration when facing cyber threats.
339. A Network Operations Center (NOC) is an operational center that monitors its own network and systems in order to preserve the operation and availability of services. It must have the capability to detect malfunctions and interruptions of services. Its reaction capability is limited to failure prevention and service recovery within its own network.
340. A Security Operations Center (SOC) is an operational center that monitors its own networks and systems in order to preserve their security. It must have the capability to detect malicious activities targeting its own networks and information. Its reaction capability is limited to preventing, detecting and stopping malicious activities within its own network.
341. CERT[25] is a registered trademark owned by Carnegie Mellon University that refers to an entity, normally associated with a specific sector (government, defense, university, banking, business, critical infrastructure, etc.), created with the purpose of preventing, minimizing or eliminating computer security events or incidents. The use of the term CERT requires the express permission of Carnegie Mellon University.
342. CSIRT[26] is a generic term for a team with a purpose similar to a CERT, but its use is unrestricted and therefore requires no authorization.
343. The terms CERT and CSIRT are commonly used to give a SOC an official character, recognized and registered by international organizations (FIRST
