정답: C
The primary responsibilities of security operations for handling and reporting violations and incidents are monitoring and identifying system failures, alerting key personnel, and containing events. Security operations are the activities and processes that aim to protect the organization's information assets and systems from threats and attacks, and to ensure the availability, integrity, and confidentiality of the data and services. Security operations involve handling and reporting violations and incidents, which are any events or situations that deviate from the normal or expected behavior or performance of the systems or the users, and that may compromise the security or the functionality of the systems or the users. Handling and reporting violations and incidents require the following responsibilities:
Monitoring and identifying system failures: This responsibility involves using tools and techniques, such as security information and event management (SIEM), intrusion detection and prevention systems (IDPS), or log analysis, to continuously observe and analyze the status and the activity of the systems, and to detect and recognize any anomalies, errors, or malfunctions that may indicate a violation or an incident.
Alerting key personnel: This responsibility involves notifying and informing the relevant stakeholders, such as the management, the staff, the customers, or the authorities, about the occurrence and the details of the violation or the incident, and providing guidance and instructions on how to respond or react to the situation.
Containing events: This responsibility involves taking actions and measures, such as isolating, blocking, or shutting down the affected systems or components, to prevent or limit the spread or the impact of the violation or the incident, and to restore the normal or the desired state of the systems or the services.