Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca Exam CISM Topic 6 Question 84 Discussion

Actual exam question for Isaca's CISM exam
Question #: 84
Topic #: 6
[All CISM Questions]

While responding to a high-profile security incident, an information security manager observed several deficiencies in the current incident response plan. When would be the BEST time to update the plan?

Show Suggested Answer Hide Answer
Suggested Answer: C

During post-incident review is the best time to update the incident response plan after observing several deficiencies in the current plan while responding to a high-profile security incident. A post-incident review is a process of analyzing and evaluating the incident response activities, identifying the lessons learned, and documenting the recommendations and action items for improvement. Updating the incident response plan during post-incident review helps to ensure that the plan reflects the current best practices, addresses the gaps and weaknesses, and incorporates the feedback and suggestions from the incident response team and other stakeholders. Therefore, during post-incident review is the correct answer.


https://www.cisa.gov/sites/default/files/publications/Incident-Response-Plan-Basics_508c.pdf

https://www.techtarget.com/searchsecurity/feature/5-critical-steps-to-creating-an-effective-incident-response-plan

https://www.integrify.com/blog/posts/incident-response-plan-need-an-update/

by Doug at Sep 15, 2024, 03:11 AM

Limited Time Offer

25%

Off

Get Premium CISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Abel
6 months ago
A - During the incident, of course! Multitasking at its finest. You can update the plan while also putting out fires. What could go wrong?
upvoted 0 times
...
Leonie
6 months ago
B! Tabletop exercises are the ideal time to test the plan and find those weaknesses. Plus, it's a lot less stressful than a real incident.
upvoted 0 times
...
Roselle
6 months ago
I'd have to go with D. Doing a full risk reassessment first will help ensure the updated plan covers all the bases. No point in rushing it.
upvoted 0 times
Rosann
5 months ago
C) During post-incident review
upvoted 0 times
...
Leigha
6 months ago
B) During a tabletop exercise
upvoted 0 times
...
Fletcher
6 months ago
A) While responding to the incident
upvoted 0 times
...
...
Vallie
7 months ago
I believe updating the plan after a risk reassessment would also be beneficial to ensure it aligns with the current threat landscape.
upvoted 0 times
...
Lucille
7 months ago
Definitely C. Trying to fix the plan while dealing with a crisis is just asking for trouble. Post-incident review is the perfect time to make those improvements.
upvoted 0 times
...
Nida
7 months ago
Updating the plan during the actual incident response? What could go wrong, right? I think C is the way to go.
upvoted 0 times
Corrinne
6 months ago
C) During post-incident review
upvoted 0 times
...
Delila
6 months ago
B) During a tabletop exercise
upvoted 0 times
...
Coral
7 months ago
A) While responding to the incident
upvoted 0 times
...
...
Johana
7 months ago
I agree with Carma. It's important to learn from the incident and make necessary improvements.
upvoted 0 times
...
Carma
7 months ago
I think the best time to update the plan is during post-incident review.
upvoted 0 times
...

Save Cancel