CompTIA Exam Questions

A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This
results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks
for further information. Which of the following strategies should be implemented to ensure the Risk
Manager and CIO are not caught unaware in the future?

A. Procedure and policy management

B. Chain of custody management

C. Change management

D. Incident management

Explanation:
Incident management refers to the steps followed when events occur (making sure controls are in place
to prevent unauthorized access to, and changes of, all IT assets). The events that could occur include
security breaches.
Incorrect Answers:
A: Procedure and policy management is, in essence, the methods that need to be followed to ensure business
continuity.
B: When working with an incident, chain of custody management (how evidence is secured, where
it is stored and who has access to it) is observed, but this is only one step in incident management.
C: Change management refers to the structured approach that is followed to secure a company’s assets.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 10, 448