CompTIA CySA+ (CS0-003) — Question 155

The management team requests monthly KPI reports on the company’s cybersecurity program. Which of the following KPIs would identify how long a security threat goes unnoticed in the environment?

Answer options

• A. Employee turnover
• B. Intrusion attempts
• C. Mean time to detect
• D. Level of preparedness

Correct answer: C

Explanation

The correct answer, 'Mean time to detect,' measures the average time taken to identify a security threat, which directly indicates how long a threat goes unnoticed. The other options do not provide insights into detection times; 'Employee turnover' relates to staffing, 'Intrusion attempts' counts specific events, and 'Level of preparedness' assesses readiness rather than detection efficiency.