nerdexam
Cisco

210-255 · Question #170

Who is responsible for initially analyzing an incident to determine what has happened?

The correct answer is D. incident handler. The incident handler is the designated role responsible for the initial triage and analysis of a security or operational incident.

Security Policies and Procedures

Question

Who is responsible for initially analyzing an incident to determine what has happened?

Options

  • AIT director
  • BCIO
  • Cserver administrator
  • Dincident handler

How the community answered

(35 responses)
  • A
    3% (1)
  • B
    9% (3)
  • C
    3% (1)
  • D
    86% (30)

Why each option

The incident handler is the designated role responsible for the initial triage and analysis of a security or operational incident.

AIT director

The IT director is a management role focused on strategy and oversight, not hands-on incident triage.

BCIO

The CIO is an executive responsible for IT strategy at an organizational level, not frontline incident analysis.

Cserver administrator

A server administrator manages server infrastructure but does not hold the formal incident analysis responsibility defined in incident response frameworks.

Dincident handlerCorrect

An incident handler is a trained responder whose primary duty is to receive, initially analyze, and classify incidents as they occur. This role follows defined procedures to determine scope, severity, and required escalation, making them the first point of analytical contact in an incident response process.

Concept tested: Incident response roles and responsibilities

Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Topics

#incident response#roles and responsibilities#incident handler#IR lifecycle

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice