A cybersecurity team lead is developing metrics to present in the weekly executive briefs. Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. Which of the following metrics should the team lead include in the briefs?
The appropriate metric for this scenario is 'Mean time to contain'. This metric measures the average amount of time it takes to isolate and stop the spread of malware within the network once it has been detected. It directly addresses the executives' interest in understanding how quickly the cybersecurity team can halt the proliferation of a security threat.
Going with C only because Mean Time to Contain (MTTC) isn't listed on the Exam Objectives (4.2 Explain the importance of incident response reporting and communication). Metrics and KPIs are - Mean time to detect - Mean time to respond - Mean time to remediate
"how long it takes to stop the spread of malware that enters the network" Knowing Comptia, MTTC not being in the exam objectives don't mean much. They are asking to contain, not to remove/restore. Going with D
Nope that's wrong, you must read the question again, you misunderstood it. To calculate MTTC, you need to take the sum of the hours spent detecting, acknowledging, and resolving an alert, and divide it by the number of incidents. MTTR in cybersecurity refers to the time it takes the team to get the system back up and running after a cybersecurity breach. The question is saying 'Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. ' MEANING FROM THE MOMENT THE BREACH IS IDENTIFIED TO WHEN ITS RESOLVED , EXCLIDING THE HOURS THAT CAN BE SPENT TO DETECT. MTTD is essentially the time it takes to detect an issue, while MTTR tells us how long it takes to repair it.. Therefore Option C is the correct answer.
You must be new here lol Ive seen many things not in the exam objectives on their exams... They asked for D So i gave them D D is the answer
The Incident Response Metrics and KPIs point to four measures you consider as you think about incident response. These are likely to be found not only in incident response reports but are also commonly part of ongoing reporting for security organizations. 1. Mean time to detect, 2. Mean time to respond, 3. Mean time to remediate, and 4. Alert volume. (CySA Study Guide, 3rd Edition, pg 436)
The metric that the cybersecurity team lead should include in the weekly executive briefs to address the executives' interest in knowing how long it takes to stop the spread of malware that enters the network is: D. Mean time to contain Explanation: Mean time to contain (MTTC) measures the average amount of time it takes to isolate and contain a security incident once it has been detected. It specifically focuses on how long it takes to stop the spread of malware and prevent it from causing further damage within the network.
Mean Time to Contain is not listed on study material. Mean time to detect. Mean time to respond. Mean time to remediate
I am part of an incident response team, to stop is to contain. My answer is D.
C. Mean time to remediate
I'll go with what the question is asking for :)
Though MTTC is not in the objectives, comptia will likely put this in the exam.
CompTIA CertMaster 9B lists Mean Time to detect, mean time to respond, and mean time to remediate. There is no "Mean Time to Contain". So the BEST answer is C Mean time to Remediate. CertMaster "Mean Time to Remediate—A metric used to measure how quickly an organization can resolve an incident. MTTR is a valuable metric for evaluating an organization’s effectiveness in responding to and resolving incidents." Answer is C
MTTD is essentially the time it takes to detect an issue, while MTTR tells us how long it takes to repair it
Ca doit être D: https://turingpoint.de/en/blog/what-doesmean-time-to-contain-mttc-mean/ MTTC contient MTTR
D. Mean time to contain
Correct This metric measures the average time it takes to isolate or contain a security incident after it has been detected. It directly reflects the efficiency of the cybersecurity team in responding to and limiting the impact of security incidents such as malware infections.