An organization experienced a data breach and followed its incident response plan. Later it was discovered that the plan was incomplete, omitting a requirement to report the incident to the relevant authorities. In addition to establishing an updated incident response plan, which of the following would be MOST helpful in preventing a similar occurrence?

• A.Attached reporting forms as an addendum to the incident response plan
• B.Management approval of the incident reporting process
• C.Ongoing evaluation of the incident response plan.
• D.Assignment of responsibility for communications.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important to verify when reviewing the effectiveness of response to an information security incident?

• A.Test results have been properly recorded.
• B.Testing has been completed on time.
• C.Lessons learned have been implemented.
• D.Metrics have been captured in a dashboard.

Comment: *

Name: *

Email: *

Verification: *

When security policies are strictly enforced, the initial impact is that:

• A.they may have to be modified more frequently.
• B.they will be less subject to challenge.
• C.the total cost of security is increased.
• D.the need for compliance reviews is decreased.

Comment: *

Name: *

Email: *

Verification: *

What is the PRIMARY objective of a post-event review in incident response?

• A.Adjust budget provisioning
• B.Preserve forensic data
• C.Improve the response process
• D.Ensure the incident is fully documented

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of a risk assessment is to enable business leaders to:

• A.align information security to business objectives.
• B.manage information security expenditures.
• C.make informed decisions.
• D.define key risk indicators (KRIs).

Comment: *

Name: *

Email: *

Verification: *