210-255 · Question #80
Which of the following is typically a responsibility of a PSIRT?
The correct answer is D. Disclose vulnerabilities in the organization's products and services. A PSIRT (Product Security Incident Response Team) is responsible for managing and disclosing vulnerabilities found in an organization's own products and services, not for general SOC operations.
Question
Which of the following is typically a responsibility of a PSIRT?
Options
- AConfigure the organization's firewall
- BMonitor security logs
- CInvestigate security incidents in a security operations center (SOC)
- DDisclose vulnerabilities in the organization's products and services
How the community answered
(56 responses)- A2% (1)
- B2% (1)
- C5% (3)
- D91% (51)
Why each option
A PSIRT (Product Security Incident Response Team) is responsible for managing and disclosing vulnerabilities found in an organization's own products and services, not for general SOC operations.
Configuring firewalls is a network or security engineering responsibility, not a PSIRT function.
Monitoring security logs is a SOC analyst or SIEM-driven function, not a PSIRT responsibility.
Investigating active security incidents in a SOC is the role of incident responders and SOC analysts, not a PSIRT, which focuses on product vulnerability lifecycle management.
A PSIRT is a dedicated team within a vendor or organization whose core function is to receive, investigate, and publicly disclose vulnerabilities affecting their own products and services. This includes coordinating with researchers, issuing CVEs, and publishing security advisories. This distinguishes PSIRT from a SOC, which handles operational incidents rather than product vulnerability management.
Concept tested: PSIRT role and vulnerability disclosure responsibilities
Source: https://www.cisco.com/c/en/us/about/security-center/security-vulnerability-policy.html
Topics
Community Discussion
No community discussion yet for this question.