nerdexam
Cisco

210-255 · Question #14

Which source provides reports of vulnerabilities in software and hardware to a Security Operations Center?

The correct answer is C. Internal CSIRT. An Internal CSIRT is the organizational team directly responsible for collecting and reporting vulnerability information in software and hardware to the SOC. External or national-level entities do not report directly into an organization's SOC.

Security Policies and Procedures

Question

Which source provides reports of vulnerabilities in software and hardware to a Security Operations Center?

Options

  • AAnalysis Center
  • BNational CSIRT
  • CInternal CSIRT
  • DPhysical Security

How the community answered

(30 responses)
  • A
    3% (1)
  • B
    7% (2)
  • C
    87% (26)
  • D
    3% (1)

Why each option

An Internal CSIRT is the organizational team directly responsible for collecting and reporting vulnerability information in software and hardware to the SOC. External or national-level entities do not report directly into an organization's SOC.

AAnalysis Center

Analysis Center is not a recognized or standardized entity type that provides vulnerability reports to a SOC.

BNational CSIRT

A National CSIRT operates at a government or national level and publishes broad public advisories; it does not report vulnerability findings directly to an individual organization's SOC.

CInternal CSIRTCorrect

An Internal CSIRT (Computer Security Incident Response Team) is embedded within the organization and serves as a primary internal source of vulnerability intelligence, aggregating reports from vendors, threat feeds, and scanners and delivering them to the SOC for analysis and action.

DPhysical Security

Physical Security teams protect physical assets and facilities and do not produce software or hardware vulnerability reports for the SOC.

Concept tested: Internal CSIRT role as SOC vulnerability data source

Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Topics

#CSIRT#vulnerability reporting#SOC operations#security organizations

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice