nerdexam
Cisco

210-255 · Question #80

Which of the following is typically a responsibility of a PSIRT?

The correct answer is D. Disclose vulnerabilities in the organization's products and services. A PSIRT (Product Security Incident Response Team) is responsible for managing and disclosing vulnerabilities found in an organization's own products and services, not for general SOC operations.

Security Policies and Procedures

Question

Which of the following is typically a responsibility of a PSIRT?

Options

  • AConfigure the organization's firewall
  • BMonitor security logs
  • CInvestigate security incidents in a security operations center (SOC)
  • DDisclose vulnerabilities in the organization's products and services

How the community answered

(56 responses)
  • A
    2% (1)
  • B
    2% (1)
  • C
    5% (3)
  • D
    91% (51)

Why each option

A PSIRT (Product Security Incident Response Team) is responsible for managing and disclosing vulnerabilities found in an organization's own products and services, not for general SOC operations.

AConfigure the organization's firewall

Configuring firewalls is a network or security engineering responsibility, not a PSIRT function.

BMonitor security logs

Monitoring security logs is a SOC analyst or SIEM-driven function, not a PSIRT responsibility.

CInvestigate security incidents in a security operations center (SOC)

Investigating active security incidents in a SOC is the role of incident responders and SOC analysts, not a PSIRT, which focuses on product vulnerability lifecycle management.

DDisclose vulnerabilities in the organization's products and servicesCorrect

A PSIRT is a dedicated team within a vendor or organization whose core function is to receive, investigate, and publicly disclose vulnerabilities affecting their own products and services. This includes coordinating with researchers, issuing CVEs, and publishing security advisories. This distinguishes PSIRT from a SOC, which handles operational incidents rather than product vulnerability management.

Concept tested: PSIRT role and vulnerability disclosure responsibilities

Source: https://www.cisco.com/c/en/us/about/security-center/security-vulnerability-policy.html

Topics

#PSIRT#vulnerability disclosure#product security#security team

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice