- It provides a roadmap for maturing the incident response capability.
- It provides metrics for measuring the incident response capability and effectiveness.
- It defines how the incident response teams will communicate with the rest of the organization and with other organizations.
- It details how incidents should be handled based on the organizational mission and functions.
Explanation: NIST recommends creating policies, plans, and procedures for establishing and maintaining a CSIRC. A purpose of the policy element is to detail how incidents should be handled based on the mission and functions of an organization.
More Questions: CCNA Cyber Ops Chapter 13 Exam Answers