CISM Certified Information Security Manager – Question1512

What should be an information security manager's PRIMARY objective in the event of a security incident?

A.
Contain the threat and restore operations in a timely manner.
B. Ensure that normal operations are not disrupted.
C. Identify the source of the breach and how it was perpetrated.
D. Identify lapses in operational control effectiveness.

Correct Answer: A