The Chief Information Security Officer (CISO) has just returned from attending a security
conference and now wants to implement a Security Operations Center (SOC) to improve and
coordinate the detection of unauthorized access to the enterprise. The CISO’s biggest concern is
the increased number of attacks that the current infrastructure cannot detect. Which of the
following is MOST likely to be used in a SOC to address the CISO’s concerns?

A.
DLP, Analytics, SIEM, Forensics, NIPS, HIPS, WIPS and eGRC

B.
Forensics, White box testing, Log correlation, HIDS, and SSO

C.
Vulnerability assessments, NIDP, HIDS, SCAP, Analytics and SIEM

D.
eGRC, WIPS, Federated ID, Network enumerator, NIPS and Port Scanners