nerdexam
Cisco

210-255 · Question #46

210-255 Question #46: Real Exam Question with Answer & Explanation

The correct answer is A. organization mission. An incident response plan must align with the organization's mission, goals, and senior management directives to ensure it has proper authority and resource support.

Security Policies and Procedures

Question

Which element is included in an incident response plan?

Options

  • Aorganization mission
  • Bjunior analyst approval
  • Cday-to-day firefighting
  • Dsiloed approach to communications

Explanation

An incident response plan must align with the organization's mission, goals, and senior management directives to ensure it has proper authority and resource support.

Common mistakes.

  • B. Incident response plans require senior management approval and sponsorship, not junior analyst approval, because executive authority is necessary for resource allocation and cross-departmental coordination.
  • C. Day-to-day firefighting describes a reactive, unstructured approach to security events, which is precisely what a formal incident response plan is designed to replace with defined procedures.
  • D. A siloed communications approach contradicts incident response best practices, which require coordinated, cross-functional communication among IT, legal, management, and other stakeholders.

Concept tested. Incident response plan core components

Reference. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Topics

#incident response plan#IRP elements#security policy#organization mission

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 210-255 Practice