CISM Certified Information Security Manager – Question1449

Which of the following is the MOST effective way to detect information security incidents?

A.
Providing regular and up-to-date training for the incident response team
B. Establishing proper policies for response to threats and vulnerabilities
C. Performing regular testing of the incident response program
D. Educating and users on threat awareness and timely reporting

Correct Answer: B