Certified SOC Analyst (CSA) — Question 96
Emmanuel is working as a SOC analyst in a company named Tobey Tech. The manager of Tobey Tech recently recruited an Incident Response Team (IRT) for his company. In the process of collaboration with the IRT, Emmanuel just escalated an incident to the IRT.
What is the first step that the IRT will do to the incident escalated by Emmanuel?
Answer options
- A. Incident Analysis and Validation
- B. Incident Recording
- C. Incident Classification
- D. Incident Prioritization
Correct answer: C
Explanation
The correct answer is C, Incident Classification, as this is the first step the IRT takes to categorize the incident based on its severity and type. Options A and B follow after classification, focusing on analyzing the incident and recording details, while D, Incident Prioritization, comes into play after classification to determine the urgency of the response.