CISM Certified Information Security Manager – Question1399

The FIRST step in an incident response plan is to:

A.
notify- the appropriate individuals.
B. contain the effects of the incident to limit damage.
C. develop response strategies for systematic attacks.
D. validate the incident.

Correct Answer: D

Explanation:

Explanation:
Appropriate people need to be notified; however, one must first validate the incident. Containing the effects of the incident would be completed after validating the incident. Developing response strategies for systematic attacks should have already been developed prior to the occurrence of an incident.