Exam ISO-IEC-27035-Lead-Incident-Manager Topic 4 Question 30 Discussion

Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 30
Topic #: 4
What is the first step in planning the response to information security incidents?

Suggested Answer: C Vote an answer

Comprehensive and Detailed Explanation From Exact Extract:
In ISO/IEC 27035-2:2016, the planning phase of incident response starts with establishing a classification system. Response classification is essential to ensure that incidents are assessed and categorized in a consistent manner, allowing appropriate response measures to be applied. This classification forms the foundation for selecting the right procedures, team involvement, and communication protocols.
Assigning a response class (Option A) is a subsequent step that occurs once an incident is analyzed and matched to a pre-defined category. Developing response processes (Option B) is important but comes after the classification model is defined.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 6.3.2: "The response planning process begins with the classification of potential incidents to determine the required actions and responsibilities." Clause 7.2.2: "Defining response classes helps the organization decide how to handle specific categories of incidents." Correct answer: C
-

by Audrey at Nov 03, 2025, 05:59 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10