nerdexam
Exams210-255Questions#170
Cisco

210-255 · Question #170

210-255 Question #170: Real Exam Question with Answer & Explanation

The correct answer is D: incident handler. The incident handler is the designated role responsible for the initial triage and analysis of a security or operational incident.

Security Policies and Procedures

Question

Who is responsible for initially analyzing an incident to determine what has happened?

Options

  • AIT director
  • BCIO
  • Cserver administrator
  • Dincident handler

Explanation

The incident handler is the designated role responsible for the initial triage and analysis of a security or operational incident.

Common mistakes.

  • A. The IT director is a management role focused on strategy and oversight, not hands-on incident triage.
  • B. The CIO is an executive responsible for IT strategy at an organizational level, not frontline incident analysis.
  • C. A server administrator manages server infrastructure but does not hold the formal incident analysis responsibility defined in incident response frameworks.

Concept tested. Incident response roles and responsibilities

Reference. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Topics

#incident response#roles and responsibilities#incident handler#IR lifecycle

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 210-255 Practice
Who is responsible for initially analyzing an incident to... | 210-255 Q#170 Answer | NerdExam