E-book: As mentioned before, ServiceNow added two further stages to the NIST/SANS Security Incident Response process:
- Review - post-incident analysis
- Prepare - priorities for action, drivers for change arising from the review etc.
Both of these are learning and improvement opportunities that contribute towards process maturity and strengthen the overall security posture of the customer.
ebook p.238, both Review and Prepare are learning and improvement Opportunities that contribute towards process manturity and strengthen the overall security posture of the customer
- Review: post-incident analysis, lessons indentified (and hopefully lessons learnt)
- Prepare: priorities for action, drivers for change arisisng from the review, including implementing preventative measures to prevent a recurrence.
both points indicate towards post-incident review (which includes analysis), so keyword should be "post-incident"
This section is not available anymore. Please use the main Exam Page.CIS-SIR Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
MarlyB
1 month, 1 week agomlemartien
11 months agoSazeka
1 year, 2 months agosephereth
1 year, 5 months agoRemo878
1 year, 6 months ago