CompTIA Security+ SY0-601 – Question090

Which of the following is the BEST action to foster a consistent and auditable incident response process?


A.
Incent new hires to constantly update the document with external knowledge.
B. Publish the document in a central repository that is easily accessible to the organization.
C. Restrict eligibility to comment on the process to subject matter experts of each IT silo.
D. Rotate CIRT members to foster a shared responsibility model in the organization.

Correct Answer: D

Explanation:

Reference: https://linfordco.com/blog/incident-management/#:~:text=While%20the…
20stages,Preparation%20for%20an%20incident