New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CISSP Exam - Topic 1 Question 112 Discussion

Actual exam question for ISC2's CISSP exam
Question #: 112
Topic #: 1
[All CISSP Questions]

A colleague who recently left the organization asked a security professional for a copy of the organization's confidential incident management policy. Which of the following

is the BEST response to this request?

Show Suggested Answer Hide Answer
Suggested Answer: D

The best response to the request from a former colleague for a copy of the organization's confidential incident management policy is to submit the request using company official channels to ensure the policy is okay to distribute. The incident management policy is a policy that defines the roles, responsibilities, and procedures for the identification, response, and recovery of the security incidents that may affect the organization. The incident management policy is a confidential document that contains sensitive information and data, and that should be protected from unauthorized access, disclosure, or modification. Submitting the request using company official channels can help to ensure the policy is okay to distribute, as it can verify the legitimacy and validity of the request, and the authorization and clearance of the requester.Submitting the request using company official channels can also help to comply with the security policies and standards, and the legal, regulatory, or contractual requirements of the organization, and to prevent or mitigate any potential security risks or issues that may arise from the distribution of the policy34.Reference:CISSP CBK, Fifth Edition, Chapter 7, page 629;2024 Pass4itsure CISSP Dumps, Question 17.


by Hector at Jan 27, 2026, 10:53 PM

Limited Time Offer

25%

Off

Get Premium CISSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Alberta
5 days ago
I remember a practice question about sharing sensitive information, and it emphasized the importance of protecting company policies. I think we should refer the colleague to HR instead.
upvoted 0 times
...
Bernardine
10 days ago
I think the best response would be to deny the request since it's confidential, but I'm not entirely sure about the specific protocols for handling such situations.
upvoted 0 times
...
Carin
15 days ago
I'm a bit unsure here. Is there any way we could redact or summarize the key points without sharing the full policy? Might be worth exploring that option.
upvoted 0 times
...
Eric
20 days ago
This is a no-brainer. The policy is confidential, so we can't disclose it to anyone who no longer works here. Gotta protect that sensitive information.
upvoted 0 times
...
Deeann
26 days ago
Okay, let's think this through. What are the potential risks and consequences of sharing the policy? I'll need to weigh that against any potential benefits.
upvoted 0 times
...
Vi
1 month ago
Definitely can't share confidential policies with former employees. That would be a breach of trust and security protocols.
upvoted 0 times
...
Lashaunda
1 month ago
Hmm, this seems like a tricky one. I'll need to carefully consider the confidentiality and security implications before responding.
upvoted 0 times
...

Save Cancel