When properly tested, which of the following would MOST effectively support an information
security manager in handling a security breach?
A.
Business continuity plan
B.
Disaster recovery plan
C.
Incident response plan
D.
Vulnerability management plan
Explanation:
An incident response plan documents the step-by-step process to follow, as well as the related
roles and responsibilities pertaining to all parties involved in responding to an information security
breach. A business continuity plan or disaster recovery plan would be triggered during the
execution of the incident response plan in the case of a breach impacting the business continuity.
A vulnerability management plan is a procedure to address technical vulnerabilities and mitigate
the risk through configuration changes (patch management).