ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 32 discussion

Actual exam question from CompTIA's CS0-003
Question #: 32
Topic #: 1
[All CS0-003 Questions]

Which of the following describes how a CSIRT lead determines who should be communicated with and when during a security incident?

  • A. The lead should review what is documented in the incident response policy or plan
  • B. Management level members of the CSIRT should make that decision
  • C. The lead has the authority to decide who to communicate with at any t me
  • D. Subject matter experts on the team should communicate with others within the specified area of expertise
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by kmordalv at Sept. 7, 2023, 11:06 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
LifeElevated
2 days, 4 hours ago
Selected Answer: A
Not a ChatGPT answer: The Incident Response Plan (IRP) is exactly what the name says... a Plan, follow it. Turns out we take tons of time to ensure that these plans are extremely in-depth. When writing mine I gave it to my most junior members to run through a scenario. We don't tell people we don't need to
upvoted 3 times
...
Alizade
3 weeks, 5 days ago
Selected Answer: A
The answer is A. The lead should review what is documented in the incident response policy or plan, as it should outline the escalation process and who should be communicated with during a security incident.
upvoted 2 times
...
kumax
1 month, 4 weeks ago
Selected Answer: A
ChatGPT
upvoted 1 times
...
kmordalv
3 months ago
Selected Answer: A
The incident response policy or plan is a document that defines the roles and responsibilities, procedures and processes, communication and escalation protocols, and reporting and documentation requirements for handling security incidents. The incident response policy or plan should also be aligned with the organizational policies and legal obligations regarding incident notification and disclosure.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago