exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam

Exam CS0-003 topic 1 question 72 discussion

Actual exam question from CompTIA's CS0-003
Question #: 72
Topic #: 1
[All CS0-003 Questions]

A cybersecurity team lead is developing metrics to present in the weekly executive briefs. Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. Which of the following metrics should the team lead include in the briefs?

  • A. Mean time between failures
  • B. Mean time to detect
  • C. Mean time to remediate
  • D. Mean time to contain
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
[Removed]
Highly Voted 1 year, 3 months ago
Selected Answer: C
Going with C only because Mean Time to Contain (MTTC) isn't listed on the Exam Objectives (4.2 Explain the importance of incident response reporting and communication). Metrics and KPIs are - Mean time to detect - Mean time to respond - Mean time to remediate
upvoted 20 times
IamBaba
7 months, 3 weeks ago
However in the 'About the Exam ' section, compTIA did state that :"PLEASE NOTE: The lists of examples provided in bulleted format are not exhaustive lists. Other examples of technologies, processes, or tasks pertaining to each objective may also be included on the exam,although not listed or covered in this objectives document. "
upvoted 4 times
...
throughthefray
1 year, 3 months ago
You must be new here lol Ive seen many things not in the exam objectives on their exams... They asked for D So i gave them D D is the answer
upvoted 27 times
...
Sebatian20
1 year, 3 months ago
"how long it takes to stop the spread of malware that enters the network" Knowing Comptia, MTTC not being in the exam objectives don't mean much. They are asking to contain, not to remove/restore. Going with D
upvoted 6 times
Ree1234
10 months ago
Nope that's wrong, you must read the question again, you misunderstood it. To calculate MTTC, you need to take the sum of the hours spent detecting, acknowledging, and resolving an alert, and divide it by the number of incidents. MTTR in cybersecurity refers to the time it takes the team to get the system back up and running after a cybersecurity breach. The question is saying 'Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. ' MEANING FROM THE MOMENT THE BREACH IS IDENTIFIED TO WHEN ITS RESOLVED , EXCLIDING THE HOURS THAT CAN BE SPENT TO DETECT. MTTD is essentially the time it takes to detect an issue, while MTTR tells us how long it takes to repair it.. Therefore Option C is the correct answer.
upvoted 1 times
...
...
...
leesuh
Most Recent 1 week, 1 day ago
Selected Answer: D
MTTC-- The executives want to stop the spread (contain)
upvoted 1 times
...
passingtoday
1 month, 4 weeks ago
Selected Answer: D
D. Mean time to contain Mean Time to Contain (MTTC) is the metric that measures how long it takes to stop the spread of malware once it has been detected in the network. This metric is directly relevant to the executives' interest in understanding the response time to contain malware and prevent it from spreading further within the network.
upvoted 1 times
...
luiiizsoares
3 months, 3 weeks ago
Selected Answer: D
D. Mean Time to Contain (MTTC) Analysis of the Correct Answer: Mean Time to Contain (MTTC) measures the time required to isolate or neutralize a threat after it has been detected. This is the most relevant metric because it reflects how effectively the team can limit the damage and prevent further spread of the malware. Why this matters for executives: MTTC directly ties to risk reduction and operational resilience, critical concerns for executives. It showcases the team's capability to manage active threats efficiently. Operational impact: A shorter MTTC minimizes the scope and costs of an incident, reducing the likelihood of extended downtime or widespread data compromise.
upvoted 2 times
...
Wiggie
4 months, 2 weeks ago
Selected Answer: D
The answer is D
upvoted 1 times
...
hashed_pony
4 months, 3 weeks ago
Anythig other than D is wrong.
upvoted 1 times
...
Frannie23
5 months ago
C is correct; they are asking what the analyst should include in the report
upvoted 1 times
...
cy_analyst
5 months, 2 weeks ago
Selected Answer: D
Mean time to remediate (MTTR) focuses on fully resolving the issue, including recovery, which goes beyond just containing the threat.
upvoted 1 times
...
Lilik
6 months, 3 weeks ago
C is correct. MTTR is the amount of time it takes an organization to neutralize an identified threat or failure within their network environment.
upvoted 1 times
...
maggie22
9 months ago
Selected Answer: D
Though MTTC is not in the objectives, comptia will likely put this in the exam.
upvoted 3 times
...
myazureexams
9 months, 4 weeks ago
Selected Answer: C
CompTIA CertMaster 9B lists Mean Time to detect, mean time to respond, and mean time to remediate. There is no "Mean Time to Contain". So the BEST answer is C Mean time to Remediate. CertMaster "Mean Time to Remediate—A metric used to measure how quickly an organization can resolve an incident. MTTR is a valuable metric for evaluating an organization’s effectiveness in responding to and resolving incidents." Answer is C
upvoted 1 times
IamBaba
7 months, 3 weeks ago
But compTIA stated the list is non-exhaustive.
upvoted 2 times
...
...
Ree1234
10 months ago
Selected Answer: C
MTTD is essentially the time it takes to detect an issue, while MTTR tells us how long it takes to repair it
upvoted 1 times
...
belcher29
10 months, 2 weeks ago
Selected Answer: C
Mean Time to Contain is not listed on study material. Mean time to detect. Mean time to respond. Mean time to remediate
upvoted 2 times
...
iganinja5
11 months ago
Selected Answer: D
I am part of an incident response team, to stop is to contain. My answer is D.
upvoted 3 times
...
bettyboo
12 months ago
Selected Answer: C
C. Mean time to remediate
upvoted 2 times
...
T1bii
1 year ago
Ca doit être D: https://turingpoint.de/en/blog/what-doesmean-time-to-contain-mttc-mean/ MTTC contient MTTR
upvoted 1 times
...
FATWENTYSIX
1 year, 1 month ago
Selected Answer: C
The Incident Response Metrics and KPIs point to four measures you consider as you think about incident response. These are likely to be found not only in incident response reports but are also commonly part of ongoing reporting for security organizations. 1. Mean time to detect, 2. Mean time to respond, 3. Mean time to remediate, and 4. Alert volume. (CySA Study Guide, 3rd Edition, pg 436)
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago