Home » Isaca » CISM » The FIRST step in an incident response plan is to:
The FIRST step in an incident response plan is to:
A. notify- the appropriate individuals.
B. contain the effects of the incident to limit damage.
C. develop response strategies for systematic attacks.
D. validate the incident.
Correct Answer: D
Explanation/Reference:
Appropriate people need to be notified; however, one must first validate the incident. Containing the effects of the incident would be completed after validatingthe incident. Developing response strategies for systematic attacks should have already been developed prior to the occurrence of an incident.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
very first you have to validate if incident is actually and incident or a false alarm
then only we will notify.
A – Preparation is the official first step in incident response – which is notifying the appropriate incident response team.
– Validation would fall under Identification which is the second step.
https://www.securitymetrics.com/blog/6-phases-incident-response-plan
this is not the recommendation from isaca