Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CS0-003 Topic 8 Question 13 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 13
Topic #: 8
[All CS0-003 Questions]

A security team conducts a lessons-learned meeting after struggling to determine who should conduct the next steps following a security event. Which of the following should the team create to address this issue?

Show Suggested Answer Hide Answer
Suggested Answer: C

An incident response plan (IRP) is a document that defines the roles and responsibilities, procedures, and guidelines for responding to a security incident. It helps the security team to act quickly and effectively, minimizing the impact and cost of the incident. An IRP should specify who should conduct the next steps following a security event, such as containment, eradication, recovery, and analysis12. Reference: CompTIA CySA+ CS0-003 Certification Study Guide, page 362; 6 Incident Response Steps to Take After a Security Event, section 2.


by Fatima at Feb 13, 2024, 12:43 AM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Marica
4 days ago
Hmm, I'm not so sure about that. Wouldn't a service-level agreement be more appropriate? That way they can define the expected response times and escalation procedures. Might be easier than a full-blown incident response plan.
upvoted 0 times
...
An
5 days ago
I don't know, the change management plan could also be helpful. If they're struggling to determine who should do what, maybe they need to review their processes and protocols. Tighten things up, you know?
upvoted 0 times
...
Ines
6 days ago
Yeah, I agree. The incident response plan is probably the best option. It needs to be comprehensive and cover all the bases, so everyone knows their part if something like this happens again.
upvoted 0 times
...
Adelle
7 days ago
Whew, that's a tough one. Sounds like they really dropped the ball on that security event. I'm guessing the incident response plan would be the way to go here - it should clearly outline the roles and responsibilities for everyone involved.
upvoted 0 times
...

Save Cancel