30d (edited) • 🙋♂️ CISSP
CISSP Practice Question (Domain 7: Security Operations / Incident Management & Governance)
During a multi-day incident response, the SOC lead wants to share detailed forensic findings in real time with executives and affected business units. Legal advises limiting distribution to avoid discoverability risk, while executives want transparency to make decisions.
What is the MOST appropriate action for the incident commander to take FIRST?
A. Distribute full forensic findings to ensure informed executive decisions
B. Establish an executive level incident briefing with sanitized summaries
C. Defer communication until the investigation is fully complete
D. Allow legal to control all incident communications
Come back for the answer tomorrow, or study more now!
3
22 comments
CISSP Practice Question (Domain 7: Security Operations / Incident Management & Governance)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+90
2
+51
3
+42
4
+39
5
+34
Powered by