Exam CS0-002 topic 1 question 153 discussion

Actual exam question from CompTIA's CS0-002
Question #: 153
Topic #: 1

A security team has begun updating the risk management plan, incident response plan, and system security plan to ensure compliance with security review guidelines. Which of the following can be executed by internal managers to simulate and validate the proposed changes?

  • A. Internal management review
  • B. Control assessment
  • C. Tabletop exercise
  • D. Peer review
Suggested Answer: C

Comments

10cccordrazine
Highly Voted 2 years, 3 months ago
Selected Answer: A
"Which of the following can be executed by internal managers" Internal managers will never execute a tabletop exercise; they wouldn't have the required skills. That's for the security team to do. Now, if by that sentence they mean that the internal managers plan the session, then it could be C, but I'm still banking on A. As usual, unfortunate wording which adds artificial difficulty to an otherwise simple question.
upvoted 10 times
HereToStudy
2 years, 1 month ago
Internal managers can execute tabletop exercises. Tabletop exercises are a common tool used by organizations to test and validate their incident response plans and security procedures. They typically involve a group of stakeholders, including internal managers and employees, who simulate a security incident or breach scenario and discuss the appropriate response actions.
upvoted 1 times
...
...
POWNED
Highly Voted 1 year, 9 months ago
Selected Answer: C
Key word here in the question is SIMULATE; answer is C.
upvoted 6 times
...
RobV
Most Recent 1 year, 5 months ago
Selected Answer: C
C. Tabletop exercise - Key word is "SIMULATE". A tabletop exercise is a type of simulation where key personnel gather to discuss and simulate a hypothetical scenario, often involving a cybersecurity incident. It is used to validate and test the effectiveness of plans, procedures, and communication channels. In this case, a tabletop exercise would be suitable for simulating and validating the proposed changes to the risk management plan, incident response plan, and system security plan. While internal management review (Option A) and peer review (Option D) involve evaluations by internal stakeholders, they may not actively simulate scenarios and test the plans in the same way a tabletop exercise does.
upvoted 1 times
...
Pavel019846457
1 year, 6 months ago
Selected Answer: C
I would go with "C" because of the word "simulate".
upvoted 2 times
...
Nixon333
1 year, 9 months ago
Internal management review could involve high-level overview and approval but may not simulate and validate the proposed changes in a practical manner like a tabletop exercise.
upvoted 1 times
...
kyky
1 year, 11 months ago
Selected Answer: C
A tabletop exercise is a simulated scenario-based discussion that involves key stakeholders and decision-makers to evaluate the effectiveness and readiness of a proposed plan or process. In the context of security updates and compliance, a tabletop exercise can be used to simulate various security incidents and assess how the proposed changes in the risk management plan, incident response plan, and system security plan hold up in practice. It allows internal managers to test the effectiveness of the proposed changes, identify any gaps or weaknesses, and make necessary adjustments before implementing them in real-world situations.
upvoted 2 times
...
JoshuaXIV
2 years, 1 month ago
Selected Answer: C
Internal Managers can do Tabletop Exercise.
upvoted 1 times
...
HereToStudy
2 years, 1 month ago
Selected Answer: C
Internal management review is a process where internal managers review documents or processes to ensure that they comply with established policies, standards, and procedures. It is a general process that can be used for any document or process and may not be specific to validating security changes.
upvoted 1 times
...
AbusedInk
2 years, 2 months ago
Selected Answer: C
Tabletop exercises (TTXs) may or may not happen at a tabletop, but they do not involve a technical control infrastructure. TTXs can happen at the executive level (for example, CEO, CIO, or CFO), at the team level (for example, security operations center or SOC), or anywhere in between. The idea is usually to test out procedures and ensure that they actually do what they’re intended to and that everyone knows their role in responding to an event. TTXs require relatively few resources apart from deliberate planning by qualified individuals and the undisturbed time and attention of the participants.
upvoted 1 times
...
Lukers
2 years, 2 months ago
Selected Answer: C
The question is asking which would simulate and validate the proposed changes. The only answer that includes a simulation is C. Tabletop exercise.
upvoted 2 times
...
2Fish
2 years, 2 months ago
Selected Answer: C
C. Mainly because the word simulate is mentioned. I would also say that there are managers in the tabletop discussions along with technical staff.
upvoted 3 times
...
jleonard_ddc
2 years, 2 months ago
Selected Answer: A
An internal management review is usually done for auditing purposes to check that plans are compliant with company policies.
WRONG ANSWERS
  • B – We’re not looking to assess if certain controls are in place or designed correctly. We’re looking to see if the plans we’ve updated are still in compliance with guidelines.
  • C – A tabletop exercise is verbally simulated and therefore doesn’t require extensive technical skill. However, it does require very technical knowledge, and would be done by a cybersecurity expert.
  • D – Peers not only might not know if our policies are compliant, they may not be the best people to share security plans with.
upvoted 3 times
...
Study4America
2 years, 6 months ago
Selected Answer: C
The key word is simulate.
upvoted 3 times
...
Maniact165
2 years, 6 months ago
Selected Answer: C
C right?
upvoted 1 times
...
SolventCourseisSCAM
2 years, 7 months ago
Selected Answer: A
Management review is the routine evaluation of whether management systems are performing as intended and producing the desired results as efficiently as possible. It is the ongoing “due diligence” review by management that fills the gap between day-to-day work activities and periodic formal audits.
upvoted 2 times
SolventCourseisSCAM
2 years, 6 months ago
I changed my mind to answer C. I did a search on it, and CompTIA is asking about tabletop here by mentioning simulation.
upvoted 2 times
...
...
R00ted
2 years, 7 months ago
Selected Answer: C
C is the correct answer
upvoted 1 times
...
KingDeeko
2 years, 7 months ago
Selected Answer: A
"Can be executed by internal managers to simulate and validate the proposed changes?" literally has the answer in the question. It's a review. Who knows how they conduct the review; it could be a simulated event.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted