Which tier in a Security Operations Center (SOC) is primarily responsible for triaging alerts and determining whether to escalate?
Trap 1: SOC Manager
The SOC Manager oversees operations, not daily triage.
Trap 2: Tier 3
Tier 3 performs advanced analysis and threat hunting.
Trap 3: Tier 2
Tier 2 conducts deeper investigation, not initial triage.
- A. SOC Manager
  Why wrong: The SOC Manager oversees operations, not daily triage.
- B. Tier 3
  Why wrong: Tier 3 performs advanced analysis and threat hunting.
- C. Tier 2
  Why wrong: Tier 2 conducts deeper investigation, not initial triage.
- D. Tier 1
  Correct. Tier 1 handles initial alert monitoring and triage.