Certified SOC Analyst (CSA) — Question 62

Mike is an incident handler for PNP Infosystems Inc. One day, there was a ticket raised regarding a critical incident and Mike was assigned to handle the incident. During the process of incident handling, at one stage, he has performed incident analysis and validation to check whether the incident is a true incident or a false positive.
Identify the stage in which he is currently in.

Answer options

• A. Post-Incident Activities
• B. Incident Recording and Assignment
• C. Incident Triage
• D. Incident Disclosure

Correct answer: B

Explanation

The correct answer is B, Incident Recording and Assignment, because this stage involves analyzing and validating incidents to confirm their legitimacy. The other options do not pertain to the analysis phase; Post-Incident Activities occur after resolution, Incident Triage focuses on prioritizing incidents, and Incident Disclosure relates to communicating details about the incident.