CompTIA
CAS-001 · Question #279
CAS-001 Question #279: Real Exam Question with Answer & Explanation
The correct answer is C: Distributed IRT. A Distributed IRT assigns incident response responsibility to specific logical or physical segments of an organization, making it the appropriate structure for large or geographically dispersed enterprises.
Question
Which of the following types of Incident Response Teams (IRT) is responsible for a logical or physical segment of the infrastructure, usually of a large organization or one that is geographically dispersed?
Options
- ACoordinating IRT
- BCentral IRT
- CDistributed IRT
- DOutsourced IRT
Explanation
A Distributed IRT assigns incident response responsibility to specific logical or physical segments of an organization, making it the appropriate structure for large or geographically dispersed enterprises.
Common mistakes.
- A. A Coordinating IRT acts as a liaison and orchestrator across multiple independent response teams rather than owning direct responsibility for a specific infrastructure segment.
- B. A Central IRT handles all incidents through one consolidated team and is not designed around segmented or distributed infrastructure responsibility.
- D. An Outsourced IRT is defined by its external staffing model - contracted from a third party - not by its structural relationship to infrastructure segments.
Concept tested. Incident Response Team types and organizational structures
Reference. https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final
Community Discussion
No community discussion yet for this question.