D. Prevent the re-occurrence.
Which of the following is the MOST important reason to document information security incidents that are reported across the organization?
Question is that what is/are the reason (s) of identify unmitigated risk --> for further protections? for better prevention?, for better corrections?
Are the above future protections/prevention/corrections considered prevent the recurrence?
Similarly to lesson learned, purpose is to prevent future recurrence.
If doctor failed to save life, you cannot say his purpose is not saving life. Same applies to lesson learned.
It's a matter of mitigating risks rather than preventing their recurrence. during the incident response In a Root Cause Analysis (RCA) focused on a malware incident, discovering and addressing the entry point is a form of mitigation. However, it's important to recognize that this mitigation doesn't ensure absolute prevention of future incidents, as new entry points may be exploited over time. Cybersecurity often involves a layered approach, combining preventive measures, detection strategies, and ongoing mitigation efforts to manage evolving risks in the dynamic threat landscape.
C is correct!
How the hell can you prevent incidence recourrance? Thats impossible.
You can get DDOS'd more than once.
Social engineering attach can occur more than once.
Come on fellows/mates --> C
Awareness Training, Education, Standard enforcement, job descriptions, rules, and etc. How can you prevent yourself from getting the Covid-19 for the second time?
C. Identify unmitigated risk.
Documenting information security incidents across the organization is crucial for identifying unmitigated risks. This documentation helps in understanding the nature and scope of security incidents, which, in turn, allows organizations to identify areas where their security measures may be insufficient or ineffective. By identifying unmitigated risks, organizations can take proactive steps to improve their security posture, prevent future incidents, and enhance overall security.
C. Identify unmitigated risk.
Identifying unmitigated risk is the MOST important reason to document information security incidents. It allows the organization to gain insights into vulnerabilities and weaknesses that may lead to incidents and helps in implementing necessary controls to mitigate those risks. While preventing incident recurrence (Option D) is a valid goal, it is secondary to the primary purpose of identifying and addressing unmitigated risk through incident documentation.
B. Evaluate the security posture of the organization.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
03allen
1 year agoThavee
1 year, 2 months agoxcjxcj
1 year, 3 months agoHA2024
1 year, 5 months agoUncle_Lucifer
1 year, 6 months agoThavee
1 year, 2 months agoMarcovic00
1 year, 7 months agoKunzle
1 year, 9 months agooluchecpoint
1 year, 9 months agoafc1019
1 year, 10 months agoGoseu
1 year, 11 months agorichck102
1 year, 11 months ago