210-255 · Question #14
Which source provides reports of vulnerabilities in software and hardware to a Security Operations Center?
The correct answer is C. Internal CSIRT. An Internal CSIRT is the organizational team directly responsible for collecting and reporting vulnerability information in software and hardware to the SOC. External or national-level entities do not report directly into an organization's SOC.
Question
Which source provides reports of vulnerabilities in software and hardware to a Security Operations Center?
Options
- AAnalysis Center
- BNational CSIRT
- CInternal CSIRT
- DPhysical Security
How the community answered
(30 responses)- A3% (1)
- B7% (2)
- C87% (26)
- D3% (1)
Why each option
An Internal CSIRT is the organizational team directly responsible for collecting and reporting vulnerability information in software and hardware to the SOC. External or national-level entities do not report directly into an organization's SOC.
Analysis Center is not a recognized or standardized entity type that provides vulnerability reports to a SOC.
A National CSIRT operates at a government or national level and publishes broad public advisories; it does not report vulnerability findings directly to an individual organization's SOC.
An Internal CSIRT (Computer Security Incident Response Team) is embedded within the organization and serves as a primary internal source of vulnerability intelligence, aggregating reports from vendors, threat feeds, and scanners and delivering them to the SOC for analysis and action.
Physical Security teams protect physical assets and facilities and do not produce software or hardware vulnerability reports for the SOC.
Concept tested: Internal CSIRT role as SOC vulnerability data source
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
Topics
Community Discussion
No community discussion yet for this question.