Exam ISO-IEC-27035-Lead-Incident-Manager Topic 5 Question 64 Discussion
Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 64
Topic #: 5
Question #: 64
Topic #: 5
Who is responsible for providing threat intelligence and supporting the lead investigator within an incident response team?
Suggested Answer: B Vote an answer
Comprehensive and Detailed Explanation From Exact Extract:
In an Incident Response Team (IRT), analysts and researchers are responsible for threat intelligence, data analysis, malware investigation, and providing in-depth technical insights. Their work directly supports the lead investigator by identifying root causes, attack vectors, indicators of compromise (IOCs), and evaluating threat actor tactics.
According to ISO/IEC 27035-2:2016, these roles are part of the broader support functions within an IRT and are crucial for technical depth and timely resolution of incidents.
Option A (IT support staff) may provide infrastructure-level assistance but typically lacks threat analysis capabilities. Option C (team leader) oversees coordination and communication but is not the primary intelligence resource.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 7.2.3: "Support roles may include malware analysts, forensic experts, and threat intelligence researchers." ENISA CSIRT Training Guide: "Analysts contribute to ongoing investigations by identifying attack patterns and supporting mitigation decisions." Correct answer: B
-
In an Incident Response Team (IRT), analysts and researchers are responsible for threat intelligence, data analysis, malware investigation, and providing in-depth technical insights. Their work directly supports the lead investigator by identifying root causes, attack vectors, indicators of compromise (IOCs), and evaluating threat actor tactics.
According to ISO/IEC 27035-2:2016, these roles are part of the broader support functions within an IRT and are crucial for technical depth and timely resolution of incidents.
Option A (IT support staff) may provide infrastructure-level assistance but typically lacks threat analysis capabilities. Option C (team leader) oversees coordination and communication but is not the primary intelligence resource.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 7.2.3: "Support roles may include malware analysts, forensic experts, and threat intelligence researchers." ENISA CSIRT Training Guide: "Analysts contribute to ongoing investigations by identifying attack patterns and supporting mitigation decisions." Correct answer: B
-
by Marlon at Nov 13, 2025, 11:39 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).