Study tips CISM

Which of the following is the BEST mechanism to determine the effectiveness of the incident response process?

The FIRST step in an incident response plan is to:

Which of the following is the FIRST step a security manager should take in this situation?

What is the FIRST thing the incident response manager should do?

The PRIMARY consideration when defining recovery time objectives (RTOs) for information assets is:

What task should be performed once a security incident has been verified?

Which of the following should be the FIRST action taken?

Which of the following would be the FIRST step to preserve and protect unauthorized intrusion activities?

Which of the following would be a MAJOR consideration for an organization defining its business continuity plan (BCP) or disaster recovery program (DRP)?

Which of the following would be MOST appropriate for collecting and preserving evidence?