The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the
following is occurring?

A.
Unannounced audit response

B.
Incident response process

C.
Business continuity planning

D.
Unified threat management

E.
Disaster recovery process

Explanation:
The Incident response policy outlines the processes that should be followed when an incident occurs.
Thus when a CSO is contacted by a first responder and then assign a handler for the incident it is clearly
the incident response process that is put in practice.
Incorrect Answers:
A: Unannounced audit response is not when a CSO is informed of an incident by the first responder and
then put the incident response process in action. An unannounced audit response is the opposite of
routine audit responses.C: Business continuity planning involves the assessment of a variety of risks to the organizational
processes and developing the policies, plans and procedures to minimize the impact those risks may have
on the company’s ability to continue.
D: Unified threat management is the way network administration policies are secured, regarding the
devices and network infrastructure.
E: Disaster Recovery process is the process of repairing damage.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 447- 449
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 27, 107-108