CERTIFIED-IN-CYBERSECURITY Question #400: Real Exam Question with Answer & Explanation
The correct answer is C: Incident Response.
Question
What term describes the activities that must be performed to ensure the incident is properly handled?
Options
- A. Incident Investigation
- B. Incident Solution
- C. Incident Response
- D. Incident Management
Explanation
Incident response refers to the activities that must be performed to ensure that a security incident is properly addressed. These activities typically include preparation, detection and analysis, containment, remediation, recovery, and post-incident activities such as lessons learned and reporting (see ISC2 Study Guide Chapter 2, Module 1). For example, if a company's network is breached, the incident response team would follow a predefined plan to identify the breach, contain the damage, fix the cause, restore systems, and document the incident and lessons learned. This process ensures that the incident is handled properly and that the organization can recover effectively.

The other options are inaccurate. Incident Management is a broader term that encompasses all activities related to managing incidents, including but not limited to the incident response process. Incident Solution is not a recognized term in the cybersecurity field. Incident Investigation is part of the incident response process, specifically the detection and analysis phase, but it does not encompass all of the activities that must be performed to ensure that the incident is properly addressed.