Intro

Question 1

What are the domains in the model?

Answer 1

Business
Process
People
Service
Technology

Question 2

What is the mission of the model?

Answer 2

To improve security operations globally by providing services tooling and other content

Question 3

What is the difference between the basic processes? The advanced assessment model?

Answer 3

The advanced model at the concept of weight
It allows a more granular score and it enables practitioners to exclude questions

Question 4

What is the licensing model?

Answer 4

It is based in creative common BYSA 4.0 license
BY implies that attribution
SA means share alike copy left

Question 5

What is the status of the soccmm4cert

Answer 5

It will probably be discontinued

Question 6

What are typical use cases for the model?

Answer 6

Compliance
Current status ass asses
Target operating model

Question 7

What are the main challenges of a modern soc in the business domain?

Answer 7

Alignment with the business
24 seven
Hybrid soc: in-house versus outsourced
Governance of outsourcing partners

Question 8

What are the major challenges of a modern sock in the people domain?

Answer 8

Tiered versus untiered
Skill shortage
Engineering versus analyst capacity

Question 9

What are the main challenges of a modern soc in the process domain

Answer 9

Layer detection
Detection focus
Gaps in monitoring
Increasing event flow

Question 10

What are the main challenges of a modern stock in the technology domain?

Answer 10

Automation
Complexity
Cloud versus on prem monitoring
Monitoring and Saas first strategy
AI

Question 11

What types of assessment in terms of scope are covered in the model?

Answer 11

Quick scan
A scoped assessment
Full assessment

Baseline versus progress assessment

Question 12

What type of assessments are in the model based on who does the assessment?

Answer 12

Self assess
Guided self ass
Third-party assessment

Question 13

What type of assessments are there considering the formal level of the assessment?

Answer 13

Informal
Formal
Audit

Question 14

What data collection strategies can be used

Answer 14

Workshops
Interview interviews
Desk research
Expert opinion

Question 15

What is the duration of a typical assessment in terms of effort?

Answer 15

5 to 10 days

Question 16

How can an ROI be established?

Answer 16

Quantitatively for example by hours saved by automation
Qualitatively for example by implementing a soar solution

Question 17

What is meant by the term rules of engagement for a soc analyst?

Answer 17

What can of sock analyst do?
Only passive analysis
Offensive analysis
Or into the grey zone: hunting