nerdexam
Cisco

210-255 · Question #73

Which of the following are examples of some of the responsibilities of a corporate CSIRT and the policies it helps create? (Select all that apply.)

The correct answer is B. Incident classification and handling C. Information classification and protection D. Information dissemination E. Record retentions and destruction. Corporate CSIRTs are responsible for incident handling, information classification, dissemination of security information, and records management policies - but not scanning external vendor networks.

Security Policies and Procedures

Question

Which of the following are examples of some of the responsibilities of a corporate CSIRT and the policies it helps create? (Select all that apply.)

Options

  • AScanning vendor customer networks
  • BIncident classification and handling
  • CInformation classification and protection
  • DInformation dissemination
  • ERecord retentions and destruction

How the community answered

(35 responses)
  • A
    14% (5)
  • B
    86% (30)

Why each option

Corporate CSIRTs are responsible for incident handling, information classification, dissemination of security information, and records management policies - but not scanning external vendor networks.

AScanning vendor customer networks

Scanning vendor customer networks falls outside a corporate CSIRT scope and could raise legal and authorization issues - CSIRTs operate within their own organization's boundaries.

BIncident classification and handlingCorrect

Incident classification and handling is a foundational CSIRT function, covering how incidents are categorized, prioritized, and resolved.

CInformation classification and protectionCorrect

CSIRTs help define information classification and protection policies to ensure sensitive data is properly handled before and after incidents.

DInformation disseminationCorrect

Information dissemination - sharing threat intelligence, advisories, and incident details with stakeholders - is a recognized CSIRT responsibility.

ERecord retentions and destructionCorrect

Record retention and destruction policies fall within CSIRT governance responsibilities to ensure evidence is preserved appropriately and data is disposed of securely.

Concept tested: Corporate CSIRT roles and policy responsibilities

Source: https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final

Topics

#CSIRT#incident classification#information classification#security policies

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice