- Home
- PECB
- PECB Certified ISO/IEC 27035 Lead Incident Manager
- PECB.ISO-IEC-27035-Lead-Incident-Manager.v2025-12-25.q33
- Question 18
Valid ISO-IEC-27035-Lead-Incident-Manager Dumps shared by ExamDiscuss.com for Helping Passing ISO-IEC-27035-Lead-Incident-Manager Exam! ExamDiscuss.com now offer the newest ISO-IEC-27035-Lead-Incident-Manager exam dumps, the ExamDiscuss.com ISO-IEC-27035-Lead-Incident-Manager exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com ISO-IEC-27035-Lead-Incident-Manager dumps with Test Engine here:
Access ISO-IEC-27035-Lead-Incident-Manager Dumps Premium Version
(80 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 18/33
According to ISO/IEC 27035-2, how should an organization plan the development of the incident response team capabilities?
Correct Answer: B
Comprehensive and Detailed Explanation From Exact Extract:
ISO/IEC 27035-2:2016 recommends that organizations should assess the necessary capabilities of the Incident Response Team (IRT) based on risk exposure and the frequency of past incidents requiring specific skills or tools. This ensures a balanced and realistic approach to resource allocation while preparing for probable future events.
Section 7.2.1 of ISO/IEC 27035-2 outlines that capability planning should consider:
Lessons learned from prior incidents
Incident history and trends
Anticipated threat landscape
Option A is incorrect because relying solely on internal capabilities may leave organizations vulnerable when specialized expertise is required. Option C contradicts ISO guidance because a lack of recent use does not mean a capability is no longer critical; it may still be required during high-impact, low-frequency incidents.
Reference:
ISO/IEC 27035-2:2016, Clause 7.2.1: "Incident response capabilities should be planned and developed based on the history of incidents, business requirements, and likely future needs." Correct answer: B
-
ISO/IEC 27035-2:2016 recommends that organizations should assess the necessary capabilities of the Incident Response Team (IRT) based on risk exposure and the frequency of past incidents requiring specific skills or tools. This ensures a balanced and realistic approach to resource allocation while preparing for probable future events.
Section 7.2.1 of ISO/IEC 27035-2 outlines that capability planning should consider:
Lessons learned from prior incidents
Incident history and trends
Anticipated threat landscape
Option A is incorrect because relying solely on internal capabilities may leave organizations vulnerable when specialized expertise is required. Option C contradicts ISO guidance because a lack of recent use does not mean a capability is no longer critical; it may still be required during high-impact, low-frequency incidents.
Reference:
ISO/IEC 27035-2:2016, Clause 7.2.1: "Incident response capabilities should be planned and developed based on the history of incidents, business requirements, and likely future needs." Correct answer: B
-
- Question List (33q)
- Question 1: What is the primary focus of internal exercises in informati...
- Question 2: How is the impact of an information security event assessed?...
- Question 3: Scenario 5: Located in Istanbul. Turkey. Alura Hospital is a...
- Question 4: Scenario 4: ORingo is a company based in Krakow, Poland, spe...
- Question 5: Which factor of change should be monitored when maintaining ...
- Question 6: Scenario 1: RoLawyers is a prominent legal firm based in Gua...
- Question 7: Scenario 7: Located in central London, Konzolo has become a ...
- Question 8: What is a key responsibility of the incident response team?...
- Question 9: Who is responsible for providing threat intelligence and sup...
- Question 10: Scenario 1: RoLawyers is a prominent legal firm based in Gua...
- Question 11: What is the first step in planning the response to informati...
- Question 12: Scenario 5: Located in Istanbul, Turkey, Alura Hospital is a...
- Question 13: Which of the following statements regarding the principles f...
- Question 14: Which document provides guidelines for planning and preparin...
- Question 15: According to scenario 4, what is the next action ORingo shou...
- Question 16: Who is responsible for approving an organization's informati...
- Question 17: Scenario 8: Moneda Vivo, headquartered in Kuala Lumpur. Mala...
- Question 18: According to ISO/IEC 27035-2, how should an organization pla...
- Question 19: Scenario 3: L&K Associates is a graphic design firm head...
- Question 20: Scenario 5: Located in Istanbul, Turkey, Alura Hospital is a...
- Question 21: What roles do business managers play in relation to the Inci...
- Question 22: How should vulnerabilities lacking corresponding threats be ...
- Question 23: Scenario 7: Located in central London, Konzolo has become a ...
- Question 24: Scenario 1: RoLawyers is a prominent legal firm based in Gua...
- Question 25: What does the Incident Cause Analysis Method (ICAM) promote?...
- Question 26: What is the primary objective of an awareness program?...
- Question 27: During an ongoing cybersecurity incident investigation, the ...
- Question 28: Which method is used to examine a group of hosts or a networ...
- Question 29: Why is it important to identify all impacted hosts during th...
- Question 30: What is the primary input for the information security risk ...
- Question 31: Scenario 4: ORingo is a company based in Krakow, Poland, spe...
- Question 32: Scenario 8: Moneda Vivo, headquartered in Kuala Lumpur. Mala...
- Question 33: Scenario 6: EastCyber has established itself as a premier cy...
[×]
Download PDF File
Enter your email address to download PECB.ISO-IEC-27035-Lead-Incident-Manager.v2025-12-25.q33.pdf