Which of the following should be the FIRST action taken?
An information security manager believes that a network file server was compromised by a hacker. Which of
the following should be the FIRST action taken?
What task should be performed once a security incident …
What task should be performed once a security incident has been verified?
The PRIMARY consideration when defining recovery time o…
The PRIMARY consideration when defining recovery time objectives (RTOs) for information assets is:
What is the FIRST thing the incident response manager s…
A possible breach of an organization’s IT system is reported by the project manager. What is the FIRST thing
the incident response manager should do?
Which of the following is the FIRST step a security man…
An organization has verified that its customer information was recently exposed. Which of the following is the
FIRST step a security manager should take in this situation?
The FIRST step in an incident response plan is to:
The FIRST step in an incident response plan is to:
Which of the following is the BEST mechanism to determi…
Which of the following is the BEST mechanism to determine the effectiveness of the incident response
process?
The MOST important objective of a post incident review …
The MOST important objective of a post incident review is to:
The PRIMARY purpose of involving third-party teams for …
The PRIMARY purpose of involving third-party teams for carrying out post event reviews of information security
incidents is to:
Which of the following has the highest priority when de…
Which of the following has the highest priority when defining an emergency response plan?