Exam ISO-IEC-27035-Lead-Incident-Manager Topic 5 Question 64 Discussion

Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 64
Topic #: 5
Who is responsible for providing threat intelligence and supporting the lead investigator within an incident response team?

Suggested Answer: B Vote an answer

Comprehensive and Detailed Explanation From Exact Extract:
In an Incident Response Team (IRT), analysts and researchers are responsible for threat intelligence, data analysis, malware investigation, and providing in-depth technical insights. Their work directly supports the lead investigator by identifying root causes, attack vectors, indicators of compromise (IOCs), and evaluating threat actor tactics.
According to ISO/IEC 27035-2:2016, these roles are part of the broader support functions within an IRT and are crucial for technical depth and timely resolution of incidents.
Option A (IT support staff) may provide infrastructure-level assistance but typically lacks threat analysis capabilities. Option C (team leader) oversees coordination and communication but is not the primary intelligence resource.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 7.2.3: "Support roles may include malware analysts, forensic experts, and threat intelligence researchers." ENISA CSIRT Training Guide: "Analysts contribute to ongoing investigations by identifying attack patterns and supporting mitigation decisions." Correct answer: B
-

by Marlon at Nov 13, 2025, 11:39 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10