Computer Incident Response Team (CIRT) Activities | SSCP Exam Preparation


Question

Another example of Computer Incident Response Team (CIRT) activities is:

Answers

Explanations


A. B. C. D.

D.

Additional examples of CIRT activities are: management of the network logs, including collection, retention, review, and analysis of data; management of the resolution of an incident; management of the remediation of a vulnerability; and post-event reporting to the appropriate parties.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 64.

Computer Incident Response Teams (CIRTs) are responsible for managing and responding to security incidents that occur within an organization's computer systems. One of the important activities of a CIRT is the management of network logs, which can provide valuable information about potential security threats or breaches.

Option A states that the CIRT manages netware logs, including collection, retention, review, and analysis of data. NetWare logs are the logs generated by the NetWare operating system. However, this option is less relevant nowadays since NetWare is an outdated operating system and is no longer widely used.

Option B states that the CIRT manages network logs, including collection and analysis of data. Network logs refer to the logs generated by various network devices such as routers, switches, firewalls, and intrusion detection systems. The CIRT collects these logs and analyzes them to identify any suspicious or malicious activity.

Option C states that the CIRT manages network logs, including review and analysis of data. This option is similar to Option B but does not mention the collection of logs. It is important to note that the CIRT needs to collect the logs before it can review and analyze them.

Option D states that the CIRT manages network logs, including collection, retention, review, and analysis of data. This option includes all the necessary activities involved in managing network logs. The CIRT collects the logs, retains them for a specific period, reviews them periodically, and analyzes them to identify potential security threats or breaches.

In conclusion, Option D is the most comprehensive and accurate answer since it includes all the necessary activities involved in managing network logs, which is an important responsibility of a CIRT.