ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 891 discussion

Actual exam question from Isaca's CISM
Question #: 891
Topic #: 1
[All CISM Questions]

An incident response team has established that an application has been breached. Which of the following should be done NEXT?

  • A. Maintain the affected systems in a forensically acceptable state.
  • B. Inform senior management of the breach.
  • C. Isolate the impacted systems from the rest of the network.
  • D. Conduct a risk assessment on the affected application.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by 6and0 at Sept. 22, 2023, 4:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yottabyte
10 months, 1 week ago
Selected Answer: C
If the IRP has established the breach, then it means that the senior management already knows.
upvoted 1 times
...
richck102
1 year, 3 months ago
C. Isolate the impacted systems from the rest of the network.
upvoted 2 times
...
6and0
1 year, 4 months ago
Selected Answer: C
** Checked wrong box for answer in previous post. C. Isolate the impacted systems from the rest of the network. Containment follows detection. https://www.isaca.org/resources/isaca-journal/issues/2022/volume-1/cybersecurity-incident-response-exercise-guidance
upvoted 2 times
...
6and0
1 year, 4 months ago
Selected Answer: B
C. Isolate the impacted systems from the rest of the network. Containment follows detection. https://www.isaca.org/resources/isaca-journal/issues/2022/volume-1/cybersecurity-incident-response-exercise-guidance
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel