ISACA Exam Questions

When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?

A. Business continuity plan

B. Disaster recovery plan

C. Incident response plan

D. Vulnerability management plan

Explanation:

An incident response plan documents the step-by-step process to follow, as well as the roles and responsibilities of all parties involved in responding to an information security breach. A business continuity plan or disaster recovery plan would be triggered during the execution of the incident response plan if the breach impacts business continuity. A vulnerability management plan is a procedure to address technical vulnerabilities and mitigate the risk through configuration changes (patch management).