A company hired a third-party consultant to run a cybersecurity incident simulation in order to identify security gaps and prepare stakeholders for a potential incident. Which of the following best describes this activity?
❌ Why the other options are incorrect:
B. Walk-through review
More of a step-by-step review of procedures or documentation, not a live scenario simulation.
C. Lessons learned
Happens after a real or simulated incident, to analyze what went well or badly.
D. Business impact analysis (BIA)
Focuses on understanding how disruptions affect business operations, not simulating incident response.
✅ A. Tabletop exercise
🔍 Explanation:
A tabletop exercise is a simulated, discussion-based incident response activity where stakeholders — including technical teams, management, and other key roles — walk through a hypothetical cybersecurity scenario. The goal is to:
Evaluate incident response plans
Identify communication gaps
Test decision-making processes
Improve coordination and readiness
This is exactly what a third-party cybersecurity simulation is meant to achieve.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CAS-005 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
vicbersong
1 week, 1 day agovicbersong
1 week, 1 day ago