ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your company's SLA with a SaaS vendor states that any critical security incident must be contained within two hours of detection. When selecting metrics to monitor compliance, which measure provides the most direct evidence that the vendor is meeting this security-related objective?

Peak concurrent user capacity during business hours
Mean Time to Recover (MTTR) for critical incidents
Percentage of successful software deployments
Mean Time Between Failures (MTBF)

Report Issue

Answer Description

The requirement focuses on how quickly the provider can stop the impact of a critical security incident after it is detected. Mean Time to Recover/Resolve (often expressed as MTTR for critical incidents) measures the average elapsed time from detection of an incident until service is restored or the threat is contained. Monitoring this metric reveals whether the provider is consistently containing incidents inside the agreed two-hour window.

Mean Time Between Failures (MTBF) measures reliability, not response speed. The percentage of successful deployments and peak concurrent user capacity are performance and scalability metrics; they do not show how fast the provider reacts to and contains security incidents. Therefore, tracking MTTR for critical incidents is the most appropriate way to assess compliance with the SLA's containment objective.

Ask Bash

Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.