Free CompTIA CySA+ CS0-003 Practice Question

The mean time to respond (MTTR) is the metric used to measure the average time taken by an incident response team to respond to an incident, starting from when the incident was first detected until the response began. It helps organizations identify areas of improvement in their incident response process and to gauge the responsiveness of their security team. An excessive MTTR could indicate issues in the detection, communication, or action stages of incident response that need to be addressed.

Answer 'Number of alerts per day' is incorrect because it measures volume rather than response time. 'Time between patches installed' also doesn't give any information regarding the response to incidents. 'Total downtime per month' is related to the impact of incidents rather than the response effectiveness.