Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam Lead-Cybersecurity-Manager Topic 5 Question 2 Discussion

Actual exam question for PECB's ISO/IEC 27032 Lead Cybersecurity Manager exam
Question #: 2
Topic #: 5
[All ISO/IEC 27032 Lead Cybersecurity Manager Questions]

Scenario 8: FindaxLabs is a financial institution that offers money transfers services globally The company Is known for quick money transfers at a low cost. To transfer money, users register with their email addresses and submit a photo of their ID card for identity verification. They also need to provide the recipient s bank account details alongside their own bank account details. Users can track the transfer through their accounts, either from the website or mobile app. As the company operates in a highly sensitive industry, it recognizes the importance of ensuring cybersecurity. As such, FindaxLabs has addressed its cybersecurity concerns through its business continuity plan.

Nevertheless, a few months ago, FindaxLabs detected suspicious activity on its network and realized that it was being attacked The attackers tried to gain access to customer information. Including emails, bank account numbers, and records of financial transactions. Upon receiving the alert, the incident response team responded swiftly Following the ICT readiness for business continuity (IRBC) policy and procedures, they immediately took down the communication channels to the server and went offline. Subsequently, they conducted vulnerability testing and network scanning, but did not identify any other backdoors. After dodging this attack, the company completely changed its approach toward cyber threats. Consequently, cybersecurity became one of their highest priorities.

FindaxLabs established a more comprehensive cybersecurity incident management plan based on its cybersecurity Incident management policy 10 effectively handle and mitigate future incidents and vulnerabilities. The cybersecurity incident management plan outlined a structured approach based on industry best practices and included various phases of the incident response process

The company also created a post-incident report to evaluate the effectiveness of their response capabilities and identify areas for improvement It documented all relevant information related to the incident, such as category, priority, status, and actions taken to resolve it Based on this documentation, it defined the IRBC activities that helped them respond to and recover from disruptions, creating an IRBC timeline. The timeline consisted of three main stages: incident detection, response, and recovery. The company evaluated whether IRBC objectives were met for each phase. Through this evaluation, they determined that improved collaboration between business managers and ICT staff, as well as the implementation of preventive measures such as antivirus and firewalls, would have provided layered protection and better integration of cybersecurity into the business continuity strategy.

Based on the scenario above, answer the following question:

Based on scenario 8, FindaxLabs created a post-incident report to evaluate the effectiveness of their response capabilities Is this a good practice to follow?

Show Suggested Answer Hide Answer
Suggested Answer: A

Creating a post-incident report is a good practice as it allows organizations to evaluate the effectiveness of their response capabilities and identify areas for improvement. The report provides detailed insights into the incident, including what happened, how it was handled, and what can be done better in the future. This continuous improvement process is essential for strengthening an organization's cybersecurity posture. Reference include ISO/IEC 27035, which highlights the importance of post-incident analysis and reporting for effective incident management and continuous improvement.


Contribute your Thoughts:

Sharmaine
1 months ago
The post-incident report is like a black box for the incident response team - it gives them valuable data to fine-tune their processes. As they say, 'Fail fast, fail forward.'
upvoted 0 times
Adolph
15 days ago
Actually, the post-incident report is essential for evaluating response capabilities and making necessary improvements.
upvoted 0 times
...
Glendora
17 days ago
C) No. the post-incident report shows the actual impact of the incident but does not help in evaluating the cybersecurity incident response capabilities
upvoted 0 times
...
Ettie
22 days ago
The post-incident report is crucial for learning from past incidents and improving future responses.
upvoted 0 times
...
Trinidad
28 days ago
A) Yes. the post-incident report helps organizations to evaluate their cybersecurity response plan and identify areas for improvement
upvoted 0 times
...
...
Gracie
1 months ago
I think it's important to learn from past incidents to enhance future cybersecurity measures.
upvoted 0 times
...
Sanjuana
1 months ago
I agree, the post-incident report is a great way to analyze the incident and determine if the response was effective. It's especially important in a sensitive industry like finance to ensure they are continuously improving their cybersecurity measures.
upvoted 0 times
Jaclyn
29 days ago
I agree, it's crucial for companies to learn from past incidents and enhance their cybersecurity measures.
upvoted 0 times
...
Krystina
1 months ago
A) Yes. the post-incident report helps organizations to evaluate their cybersecurity response plan and identify areas for improvement
upvoted 0 times
...
...
Whitney
2 months ago
I believe the post-incident report is essential for evaluating response capabilities.
upvoted 0 times
...
Serita
2 months ago
I agree with you, Donte. It helps organizations improve their cybersecurity response plan.
upvoted 0 times
...
Donte
2 months ago
I think creating a post-incident report is a good practice.
upvoted 0 times
...
Winfred
2 months ago
Absolutely, the post-incident report is a critical step in evaluating the effectiveness of the response and identifying areas for improvement. It's crucial to learn from these incidents to be better prepared in the future.
upvoted 0 times
Arthur
27 days ago
A) Yes. the post-incident report helps organizations to evaluate their cybersecurity response plan and identify areas for improvement
upvoted 0 times
...
Leonida
1 months ago
Absolutely, the post-incident report is essential for learning and improving our cybersecurity response plan.
upvoted 0 times
...
Edna
1 months ago
A) Yes. the post-incident report helps organizations to evaluate their cybersecurity response plan and identify areas for improvement
upvoted 0 times
...
...

Save Cancel