When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:
Evaluate the effectiveness of the organization's incident response processes and identify gaps in coordination, communication, and decision-making.
✅ Why This Is the Correct Purpose:
A tabletop exercise is a discussion-based simulation where team members walk through their roles during a hypothetical incident.
The goal is not to test technical controls, but to:
Validate incident response procedures
Assess roles and responsibilities
Improve communication and coordination
Identify policy or process gaps before a real incident occurs
🧠 Pro Tip:
Well-crafted tabletop scenarios should:
Be realistic and relevant to your organization (e.g., ransomware, insider threat, cloud breach)
Involve cross-functional teams (IT, legal, PR, HR, execs)
Include injects that test decision-making under pressure
Lead to an after-action report with lessons learned and action items
"The primary purpose of SCENARIO" is what pointed me to B. If it was less direct and more vague asking, for example, "the primary purpose of the tabletop exercise", then C would make more sense.
The PRIMARY purpose of the scenario in a tabletop test plan for incident response testing is B. provide participants with situations to ensure understanding of their roles.
Tabletop exercises are a valuable tool for testing an organization's incident response plan and ensuring that team members understand their roles and responsibilities. By walking through hypothetical incident scenarios, participants can practice their communication, coordination, and decision-making skills under simulated pressure.
C. Give the business a measure of overall readiness: A tabletop exercise can provide some insights into overall readiness, but it is not a comprehensive assessment. Other testing methods, such as penetration tests and vulnerability scans, are also necessary.
D. Challenge the team to solve the problem under pressure: While tabletop exercises should be challenging, the primary goal is to provide a learning experience for the team, not to create a stressful or adversarial environment.
While all the options are relevant to incident response testing, the primary goal of a tabletop exercise is to assess and improve the organization's overall readiness to respond to incidents. The scenario should simulate a realistic incident to evaluate how well the incident response team and other stakeholders can effectively respond, communicate, and coordinate actions in a controlled environment. This helps identify strengths, weaknesses, and areas for improvement in the incident response plan and procedures.
The exercise can also provide participants with situations to ensure understanding of their roles (Option B) and challenge the incident response team to solve the problem under pressure (Option D), but the overarching goal is to assess the organization's readiness and improve its ability to respond effectively to incidents.
B. provide participants with situations to ensure understanding of their roles.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
edmamol
1 month ago1899f17
4 months, 3 weeks agoAlexJacobson
9 months, 1 week agoCyberbug2021
11 months, 1 week agoCyberbug2021
11 months, 1 week agoCyberbug2021
11 months, 1 week agoPOWNED
11 months, 1 week agoViperhunter
11 months, 1 week agorichck102
1 year, 5 months ago