nerdexam
Exams210-255Questions#104
Cisco

210-255 · Question #104

210-255 Question #104: Real Exam Question with Answer & Explanation

The correct answer is D: Incident forensics ID. This question tests knowledge of the four main schema categories defined in the VERIS framework. 'Incident forensics ID' is not a recognized VERIS schema category.

Question

Which of the following is not an example of the VERIS main schema categories?

Options

  • AIncident tracking
  • BVictim demographics
  • CIncident descriptions
  • DIncident forensics ID

Explanation

This question tests knowledge of the four main schema categories defined in the VERIS framework. 'Incident forensics ID' is not a recognized VERIS schema category.

Common mistakes.

  • A. Incident tracking is one of the four main VERIS schema categories, covering metadata about the incident record such as identifiers, timelines, and source information.
  • B. Victim demographics is a legitimate VERIS schema category that captures attributes of the affected organization, including industry vertical and organizational size.
  • C. Incident description is a core VERIS schema category that details the threat actors, actions taken, assets affected, and attributes of the security incident.

Concept tested. VERIS framework main schema categories

Reference. https://verisframework.org/veris.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 210-255 Practice