Which of the following correctly defines MTTD, MTTR, and MTTC and their relationship?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Security Operations Exam with targeted practice questions. Enhance your understanding with detailed explanations and tips to successfully pass your exam!

Multiple Choice

Which of the following correctly defines MTTD, MTTR, and MTTC and their relationship?

Explanation:
These three incident metrics measure different phases of an incident lifecycle: Mean Time To Detect, Mean Time To Repair, and Mean Time To Contain. MTTD is the time from when the event actually occurs to when it is first detected. MTTR is the time from detection to full restoration or resolution of the incident. MTTC is the time from detection to containment, meaning the period needed to isolate or limit the affected systems and stop further spread. The option that matches this is the one where MTTD is defined as the time from event to detection, MTTR is the time from detection to resolution, and MTTC is the time from detection to containment. It also notes that a shorter MTTD helps shorten MTTC and MTTR because detecting the incident faster enables earlier containment actions and remediation efforts, reducing the overall impact and duration of the incident. Other choices mix up the definitions—time to detection versus time to containment or resolution are swapped or misstated—so they don’t accurately describe what each metric measures or how they relate.

These three incident metrics measure different phases of an incident lifecycle: Mean Time To Detect, Mean Time To Repair, and Mean Time To Contain. MTTD is the time from when the event actually occurs to when it is first detected. MTTR is the time from detection to full restoration or resolution of the incident. MTTC is the time from detection to containment, meaning the period needed to isolate or limit the affected systems and stop further spread.

The option that matches this is the one where MTTD is defined as the time from event to detection, MTTR is the time from detection to resolution, and MTTC is the time from detection to containment. It also notes that a shorter MTTD helps shorten MTTC and MTTR because detecting the incident faster enables earlier containment actions and remediation efforts, reducing the overall impact and duration of the incident.

Other choices mix up the definitions—time to detection versus time to containment or resolution are swapped or misstated—so they don’t accurately describe what each metric measures or how they relate.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy