Which of the following is NOT a key component of an effective security operations center (SOC)?

An effective security operations center (SOC) primarily focuses on aspects crucial for maintaining cybersecurity and managing incidents. The core functions involve monitoring, detection, and response and recovery.

Monitoring is essential because it allows the SOC to observe network traffic and system activities continuously, helping to identify anomalies or suspicious activities promptly. Detection is equally vital as it involves using various tools and techniques to identify security incidents as they occur. Response and recovery ensure that once an incident is detected, the SOC can take appropriate steps to mitigate the threat and restore systems to normal operation, thus minimizing the impact of security events.

In contrast, vendor management, while important in the broader context of organizational security and procurement, does not directly pertain to the fundamental operations of a SOC. It involves managing relationships with third-party vendors who may provide security solutions or services, which is outside the essential functions of monitoring, detecting, and responding to security incidents. Therefore, it is accurate to identify vendor management as not being a key component of an effective SOC.