Reporting and Communication Questions
Practice questions for Reporting and Communication topic in CompTIA CySA+. 16 questions covering this domain.
A security analyst must communicate the results of a vulnerability assessment to a non-technical business unit manager. Which approach best aligns wit...
After a significant security incident, the incident response team must formally notify senior leadership and potentially regulators. Which reporting e...
An organization's security team has completed a vulnerability assessment and found that 30% of critical vulnerabilities remain unpatched beyond the SL...
Which term describes the measurable values used to evaluate how effectively an organization is achieving its security objectives?
Following a major ransomware incident affecting critical infrastructure, the CISO must present a lessons learned briefing to the board of directors. W...
A compliance report for a financial services organization indicates a vulnerability remediation inhibitor due to a legacy system that cannot be patche...
What is the primary purpose of a vulnerability management report provided to executive stakeholders?
During a post-incident review, the team identifies that the initial detection time was significantly longer than expected due to missing log sources i...
A security analyst must produce a compliance report for a PCI DSS audit showing the organization's vulnerability management posture. Which metrics and...
An organization's vulnerability management program produces reports showing that the mean time to remediate (MTTR) for critical vulnerabilities has in...
What is the purpose of an incident response 'lessons learned' report?
Which metric measures the average time from when an incident is detected to when it is fully resolved?
A security analyst is preparing an action plan for a stakeholder after completing a vulnerability assessment. The stakeholder asks how to prioritize r...
An organization's security team has improved its MTTD (mean time to detect) from 30 days to 4 days over two quarters by improving log ingestion covera...
After a data breach, an organization must notify affected customers per regulatory requirements. Which communication principle should guide the conten...
A security analyst must prepare a vulnerability management action plan for a business unit that owns a customer-facing e-commerce application with thr...
Sign in to see all 16 questions
Create a free account to browse all questions — completely free during our launch phase.