CISM Certified Information Security Manager – Question1371 - CISM Certified Information Security Manager

Which of the following actions should lake place immediately after a security breach is reported to an information security manager?

A. Confirm the incident
B. Determine impact
C. Notify affected stakeholders
D. Isolate the incident

Correct Answer: A

Explanation:

Explanation: Before performing analysis of impact, resolution, notification or isolation of an incident, it must be validated as a real security incident.