Exam Lead Implementer topic 1 question 25 discussion

Actual exam question from PECB's Lead Implementer

Question #: 25
Topic #: 1

The incident management process of an organization enables them to prepare for and respond to information security incidents. In addition, the organization has procedures in place for assessing information security events. According to ISO/IEC 27001, what else must an incident management process include?

A. Processes for using knowledge gained from information security incidents
B. Establishment of two information security incident response teams
C. Processes for handling information security incidents of suppliers as defined in their agreements

Show Suggested Answer

Suggested Answer: A 🗳️

by Acrisius at Jan. 23, 2025, 8:05 p.m.

Comments

Submit Cancel

Acrisius

2 months, 1 week ago

Selected Answer: A

The answer here is A A. Processes for using knowledge gained from information security incidents AKA Lessons learnt 5.24 Information security incident management planning and preparation h. identification of lessons learned and any improvements to the incident management procedures or information security controls in general that are required. B. Establishment of two information security incident response teams Only need one C. Processes for handling information security incidents of suppliers as defined in their agreements This is part of the supplier clauses

upvoted 3 times

...

Exam Lead Implementer All Questions

View all questions & answers for the Lead Implementer exam

Exam Lead Implementer topic 1 question 25 discussion

Comments

Acrisius

SY0-701