PrepAway - Latest Free Exam Questions & Answers


Which of the following best defines a Computer Security Incident Response Team (CSIRT)?


A. An organization that provides a secure channel for receiving reports about suspected security incidents.

B. An organization that ensures that security incidents are reported to the authorities.

C. An organization that coordinates and supports the response to security incidents.

D. An organization that disseminates incident-related information to its constituency and other involved parties.

Explanation:
Many organizations now have a dedicated team responsible for investigating any computer security incidents that take place. These teams are commonly known as computer incident response teams (CIRTs) or computer security incident response teams (CSIRTs).

Note: When an incident occurs, the response team has four primary responsibilities:
- Determine the amount and scope of damage caused by the incident.
- Determine whether any confidential information was compromised during the incident.
- Implement any necessary recovery procedures to restore security and recover from incident-related damages.
- Supervise the implementation of any additional security measures necessary to improve security and prevent recurrence of the incident.

Incorrect Answers:
A: The CSIRT is not set up to receive reports on security incidents. The CSIRT handles the security incidents when they occur.
B: The CSIRT is not set up to alert authorities of security incidents. The CSIRT handles the security incidents when they occur.
D: The CSIRT is not set up to inform on security incidents. The CSIRT handles the security incidents when they occur.

References:
Stewart, James M., Ed Tittel, and Mike Chapple, CISSP: Certified Information Systems Security Professional Study Guide, 5th Edition, Sybex, Indianapolis, 2011, p. 726

