CertNexus Exam CFR-410 Topic 4 Question 28 Discussion

Actual exam question for CertNexus's CFR-410 exam

Question #: 28
Topic #: 4

What is the primary purpose of the "information security incident triage and processing function" in the (CSIRT) Computer Security Incident Response Team Services Framework?

ATo analyze and gain an understanding of a confirmed information security incident.

BTo initially review, categorize, prioritize, and process a reported information security incident.

CTo receive and process reports of potential information security incidents from constituents, Information Security Event Management services, or third parties.

DTo accept or receive information about an information security incident, as reported from constituents or third parties.

Show Suggested Answer

Suggested Answer: A

The ''Containment, eradication and recovery'' phase is the period in which incident response team tries to contain the incident and, if necessary, recover from it (restore any affected resources, data and/or processes).

by Judy at Feb 10, 2024, 03:08 PM

Limited Time Offer

25%

Off

Get Premium CFR-410 Questions as Interactive Web-Based Practice Test or PDF