nerdexam
ExamsSY0-301Questions#283
CompTIA

SY0-301 · Question #283

SY0-301 Question #283: Real Exam Question with Answer & Explanation

The correct answer is D: Incident management. Incident management is the structured process for responding to a security breach - it includes containment, eradication, recovery, and lessons learned. It is the first and most critical action immediately after a breach is discovered because it coordinates the entire response. R

Question

Which of the following is BEST carried out immediately after a security breach is discovered?

Options

  • ARisk transference
  • BAccess control revalidation
  • CChange management
  • DIncident management

Explanation

Incident management is the structured process for responding to a security breach - it includes containment, eradication, recovery, and lessons learned. It is the first and most critical action immediately after a breach is discovered because it coordinates the entire response. Risk transference (A) is a long-term risk strategy (e.g., purchasing insurance) done before breaches. Access control revalidation (B) may be part of the recovery phase but is not the first step. Change management (C) governs planned system changes and is not an incident response activity.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice