Escalation Criteria — CompTIA CySA+ (CS0-003) Practice Questions
Escalation criteria define the conditions under which a security analyst must elevate an incident to senior analysts, management, legal, or external authorities rather than handling it at the current tier. The CySA+ exam expects candidates to understand how to apply predefined escalation thresholds based on factors such as data classification, system criticality, regulatory obligations, and the confirmed or suspected scope of an attack. Knowing when and how to escalate prevents incidents from being under-triaged and ensures that the appropriate resources and decision-makers are engaged at the right time.
Free questions on escalation criteria
A security team is creating an incident response plan. Which scenario should trigger activation of the full incident response team?
Free question · medium · full answer + explanation