A SOC manager receives a phone call from an upset customer t - CompTIA CySA+ CS0-003

Question

A SOC manager receives a phone call from an upset customer. The customer received a vulnerability report two hours ago, but the report did not have a follow-up remediation response from an analyst. Which of the following documents should the SOC manager review to ensure the team is meeting the appropriate contractual obligations for the customer?

Explanation

The correct answer is: A. SLA

This is the correct answer because an SLA (Service Level Agreement) outlines the specific performance metrics, such as response times and the level of service expected between a service provider and a customer. The SLA typically includes the expected timelines for actions like providing remediation responses after receiving a vulnerability report. By reviewing the SLA, the SOC manager can confirm whether the team is meeting the contractual obligations regarding response times and remediation, ensuring they fulfill their responsibilities as agreed with the customer.

Why the Other Options Are Incorrect:

MOU

  • This is incorrect because an MOU (Memorandum of Understanding) is a document that outlines a mutual agreement or understanding between parties but, unlike an SLA, is not legally binding. It generally does not specify detailed service expectations or performance metrics such as response times or remediation actions for cybersecurity incidents.

NDA

  • This is incorrect because an NDA (Non-Disclosure Agreement) is designed to protect confidential information shared between parties. It does not typically include service-related commitments such as response times or remediation procedures, which are crucial for ensuring that the customer’s expectations are met.

Limitation of liability

  • This is incorrect because the Limitation of Liability clause usually outlines the extent of liability that a company is responsible for in the event of an issue or breach. While important for understanding potential legal exposure, it does not specify service levels, response times, or obligations related to customer communications, like providing remediation responses after a vulnerability report.
