CISA Certified Information Systems Auditor – Question1023

What should be a security manager’s PRIMARY objective in the event of a security incident?

A.
Identify the source of the breach and how it was perpetrated.
B. Contain the threat and restore operations in a timely manner.
C. Ensure that normal operations are not disrupted.
D. Identify lapses in operational control effectiveness.

Correct Answer: B