What is a set of protocols and instructions for responding to and mitigating a cyber-attack?

Multiple Choice

What is a set of protocols and instructions for responding to and mitigating a cyber-attack?

Explanation:
An Incident Response Plan is a structured set of protocols and procedures for detecting, responding to, and mitigating cyber-attacks. It guides actions from the moment an incident is suspected through containment, eradication of the threat, recovery of normal operations, and a post-incident review to prevent recurrence. It defines who does what, when to escalate, how to communicate with stakeholders, and how to preserve evidence for forensics. This focus on the actual handling of a security incident—step by step, with specific roles and runbooks—is why it best fits a question about responding to and mitigating a cyber-attack.

Disaster recovery plans concentrate on restoring IT systems and data after a disruption, emphasizing backups and failover to bring services back online. Business continuity plans are broader, aiming to keep essential business functions running during and after disruptions. Security policies set general rules and expectations for security but don’t prescribe the incident-specific actions used to detect, contain, and remediate an attack.
