CISM Question #812: Real Exam Question with Answer & Explanation

Sign in or unlock CISM to reveal the answer and full explanation for question #812. The question stem and answer options stay visible for context.

Submitted by viktor_hu· Apr 18, 2026Information Security Incident Management

Question

During which of the following incident management phases would an information security manager MOST likely seek to evaluate the sequence of events leading to a breach and the incident response activities that were initiated?

Options

APost-incident review phase
BIncident containment phase
CIncident response phase
DIncident identification phase

Unlock CISM to see the answer

You've previewed enough free CISM questions. Unlock CISM for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISM - $49.99 / 30 days Sign in

Topics

#Incident Management Phases#Post-Incident Review#Lessons Learned#Incident Evaluation

Full CISM Practice Browse All CISM Questions