Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam

Exam CS0-003 topic 1 question 72 discussion

Actual exam question from CompTIA's CS0-003

Question #: 72
Topic #: 1

A cybersecurity team lead is developing metrics to present in the weekly executive briefs. Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. Which of the following metrics should the team lead include in the briefs?

A. Mean time between failures
B. Mean time to detect
C. Mean time to remediate
D. Mean time to contain

Show Suggested Answer

Suggested Answer: D 🗳️

by kmordalv at Aug. 30, 2023, 10:46 a.m.

Comments

Submit Cancel

[Removed]

Highly Voted 1 year, 8 months ago

Selected Answer: C

Going with C only because Mean Time to Contain (MTTC) isn't listed on the Exam Objectives (4.2 Explain the importance of incident response reporting and communication). Metrics and KPIs are - Mean time to detect - Mean time to respond - Mean time to remediate

upvoted 20 times

throughthefray

1 year, 7 months ago

You must be new here lol Ive seen many things not in the exam objectives on their exams... They asked for D So i gave them D D is the answer

upvoted 31 times

...

IamBaba

1 year ago

However in the 'About the Exam ' section, compTIA did state that :"PLEASE NOTE: The lists of examples provided in bulleted format are not exhaustive lists. Other examples of technologies, processes, or tasks pertaining to each objective may also be included on the exam,although not listed or covered in this objectives document. "

upvoted 5 times

...

Sebatian20

1 year, 8 months ago

"how long it takes to stop the spread of malware that enters the network" Knowing Comptia, MTTC not being in the exam objectives don't mean much. They are asking to contain, not to remove/restore. Going with D

upvoted 6 times

Ree1234

1 year, 2 months ago

Nope that's wrong, you must read the question again, you misunderstood it. To calculate MTTC, you need to take the sum of the hours spent detecting, acknowledging, and resolving an alert, and divide it by the number of incidents. MTTR in cybersecurity refers to the time it takes the team to get the system back up and running after a cybersecurity breach. The question is saying 'Executives are interested in knowing how long it takes to stop the spread of malware that enters the network. ' MEANING FROM THE MOMENT THE BREACH IS IDENTIFIED TO WHEN ITS RESOLVED , EXCLIDING THE HOURS THAT CAN BE SPENT TO DETECT. MTTD is essentially the time it takes to detect an issue, while MTTR tells us how long it takes to repair it.. Therefore Option C is the correct answer.

upvoted 1 times

...

robizman

Most Recent 5 days ago

Selected Answer: D

D. MTTC tracks the average time from when a threat is detected to when its spread is halted.

upvoted 1 times

...

JayWeston

2 weeks ago

Selected Answer: D

If it is not Mean time to contain I don't want to be right

upvoted 2 times

...

93d818a

1 month, 2 weeks ago

Selected Answer: D

Executives want to know how long it will take to stop the spread. thus containing

upvoted 1 times

...

Casperkey

1 month, 4 weeks ago

Selected Answer: D

My thoughts on why MTTC: -Stopping the spread is containment, not remediation. -MTTR is till full restoration.

upvoted 1 times

...

cj207800

2 months ago

Selected Answer: D

MTTC specifically measures the average time between detecting a security incident (e.g., malware infiltration) and containing it to prevent further spread or damage. This aligns directly with the executives’ interest in understanding how quickly the team stops malware propagation.

upvoted 1 times

...

friendlyneighborhoodITguy

3 months, 1 week ago

Selected Answer: D

Groq - The correct answer is D. Mean time to contain. This metric measures how long it takes to stop the spread of malware after it's detected, directly answering the executives' concern.

upvoted 1 times

...

f90ecff

3 months, 2 weeks ago

Selected Answer: D

What are they asking? Executives are interested in knowing how long it takes to stop the spread of malware that enters the network.

upvoted 1 times

...

f90ecff

3 months, 2 weeks ago

Selected Answer: D

The executives are asking for this answer. Not sure why people are picking C.

upvoted 1 times

...

vannydabest

4 months ago

Selected Answer: D

D is the correct answer as it measures how quickly the team can stop the malware from spreading once it's detected, which is exactly what the executives want to know

upvoted 1 times

...

f90ecff

4 months ago

Selected Answer: D

C. Mean Time to Remediate (MTTR): This refers to the time taken to fully fix the issue, including cleanup and restoring systems—not just containing the spread

upvoted 1 times

...

leesuh

5 months ago

Selected Answer: D

MTTC-- The executives want to stop the spread (contain)

upvoted 1 times

...

passingtoday

6 months, 3 weeks ago

Selected Answer: D

D. Mean time to contain Mean Time to Contain (MTTC) is the metric that measures how long it takes to stop the spread of malware once it has been detected in the network. This metric is directly relevant to the executives' interest in understanding the response time to contain malware and prevent it from spreading further within the network.

upvoted 1 times

...

luiiizsoares

8 months, 2 weeks ago

Selected Answer: D

D. Mean Time to Contain (MTTC) Analysis of the Correct Answer: Mean Time to Contain (MTTC) measures the time required to isolate or neutralize a threat after it has been detected. This is the most relevant metric because it reflects how effectively the team can limit the damage and prevent further spread of the malware. Why this matters for executives: MTTC directly ties to risk reduction and operational resilience, critical concerns for executives. It showcases the team's capability to manage active threats efficiently. Operational impact: A shorter MTTC minimizes the scope and costs of an incident, reducing the likelihood of extended downtime or widespread data compromise.

upvoted 3 times

...