Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 637 discussion

Actual exam question from Isaca's CISM
Question #: 637
Topic #: 1
[All CISM Questions]

An organization is aligning its incident response capability with a public cloud service provider. What should be the information security manager’s FIRST course of action?

  • A. Identify the skill set of the provider's incident response team.
  • B. Update the incident escalation process.
  • C. Evaluate the provider’s audit logging and monitoring controls.
  • D. Review the provider’s incident definitions and notification criteria.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Broesweelies at Jan. 29, 2023, 9:07 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Broesweelies
Highly Voted 1 year, 9 months ago
D. Review the provider’s incident definitions and notification criteria. Reviewing the provider's incident definitions and notification criteria should be the information security manager's first course of action when aligning their incident response capability with a public cloud service provider. This is because it is important to understand the provider's definition of what constitutes an incident and their criteria for triggering notifications. This information is critical in order to determine the provider's incident response capability and to ensure that the organization's incident response plan aligns with the provider's processes. Without this understanding, the organization may not be notified of incidents in a timely manner or may not be able to effectively respond to incidents that occur. By reviewing the provider's incident definitions and notification criteria first, the information security manager can ensure that the organization's incident response capability is aligned with the provider's processes and can effectively respond to security incidents as they occur.
upvoted 5 times
...
ServerBrain
Most Recent 1 month ago
Selected Answer: D
D. Review
upvoted 1 times
...
richck102
1 year, 4 months ago
D. Review the provider’s incident definitions and notification criteria.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel