CISM Question #407: Real Exam Question with Answer & Explanation

Sign in or unlock CISM to reveal the answer and full explanation for question #407. The question stem and answer options stay visible for context.

Submitted by rania.sa· Apr 18, 2026Information Security Incident Management

Question

A security operations center (SOC) indicated that a system has been infected by malware and the IT department promptly moved the infected system to an isolated network. Which of the following should the information security manager do NEXT?

Options

AEnsure antivirus signatures are updated.
BEnsure the system is disconnected from the network.
CDetermine the sequence of events leading to the incident.
DDetermine the impact of the incident

Unlock CISM to see the answer

You've previewed enough free CISM questions. Unlock CISM for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISM - $49.99 / 30 days Sign in

Topics

#Incident Response#Malware#Impact Assessment#Containment

Full CISM Practice Browse All CISM Questions