Which of the following principles describes how a security analyst should communicate during an incident?

– by 3

Which of the following principles describes how a security analyst should communicate during an incident?
A. The communication should be limited to trusted parties only.
B. The communication should be limited to security staff only.
C. The communication should come from law enforcement.
D. The communication should be limited to management only.

CS0-002: CompTIA CySA+ Exam

FULL Printable PDF and Software. VALID exam to help you PASS.
comptia-exams

3 thoughts on “Which of the following principles describes how a security analyst should communicate during an incident?

  2. Correct answer is A. Example: a massive DDOS attack or a PII exfiltration should be communicated to trusted parties that are defined in the Security Incident Procedure. In both cases, difficult managerial decisions need to be taken and it is not to the security analyst to take those decisions. The questions refers to incident and not event 😉 In the case of an event it can be different.

    Reply

  3. Trusted parties or Key parties seems to be what all the CYSA+ books I’m reading seem to say.

    The only time it appears that the communications should stay with the Security Team is in minor cases such as an email being delivered to a user; where the email is never even opened.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.