Free Preparation Discussions
MENU
PECB Exam Lead-Cybersecurity-Manager Topic 5 Question 3 Discussion
Topic #: 5
Scenario 8: FindaxLabs is a financial institution that offers money transfers services globally The company Is known for quick money transfers at a low cost. To transfer money, users register with their email addresses and submit a photo of their ID card for identity verification. They also need to provide the recipient s bank account details alongside their own bank account details. Users can track the transfer through their accounts, either from the website or mobile app. As the company operates in a highly sensitive industry, it recognizes the importance of ensuring cybersecurity. As such, FindaxLabs has addressed its cybersecurity concerns through its business continuity plan.
Nevertheless, a few months ago, FindaxLabs detected suspicious activity on its network and realized that it was being attacked The attackers tried to gain access to customer information. Including emails, bank account numbers, and records of financial transactions. Upon receiving the alert, the incident response team responded swiftly Following the ICT readiness for business continuity (IRBC) policy and procedures, they immediately took down the communication channels to the server and went offline. Subsequently, they conducted vulnerability testing and network scanning, but did not identify any other backdoors. After dodging this attack, the company completely changed its approach toward cyber threats. Consequently, cybersecurity became one of their highest priorities.
FindaxLabs established a more comprehensive cybersecurity incident management plan based on its cybersecurity Incident management policy 10 effectively handle and mitigate future incidents and vulnerabilities. The cybersecurity incident management plan outlined a structured approach based on industry best practices and included various phases of the incident response process
The company also created a post-incident report to evaluate the effectiveness of their response capabilities and identify areas for improvement It documented all relevant information related to the incident, such as category, priority, status, and actions taken to resolve it Based on this documentation, it defined the IRBC activities that helped them respond to and recover from disruptions, creating an IRBC timeline. The timeline consisted of three main stages: incident detection, response, and recovery. The company evaluated whether IRBC objectives were met for each phase. Through this evaluation, they determined that improved collaboration between business managers and ICT staff, as well as the implementation of preventive measures such as antivirus and firewalls, would have provided layered protection and better integration of cybersecurity into the business continuity strategy.
Based on the scenario above, answer the following question:
Based on scenario 8, has FindaxLabs completed the "Do" phase of the Plan-Do-Check-Act cycle In IRBC?
Based on the scenario, FindaxLabs has completed the 'Do' phase of the Plan-Do-Check-Act (PDCA) cycle in IRBC. They implemented and operated the IRBC policy and procedures during the incident response, conducting actions such as taking down communication channels, performing vulnerability testing, and documenting the incident. This phase involves executing the planned actions to ensure ICT readiness and manage incidents effectively, as outlined in ISO/IEC 22301, which provides a framework for business continuity management systems, including the implementation and operation of continuity procedures.
Elli
2 months agoJesusita
2 months agoChanel
14 days agoSalome
15 days agoBrice
21 days agoFelix
2 months agoWilbert
2 months agoEdna
2 months agoWhitley
2 months agoLeandro
16 days agoNelida
1 months agoElinore
1 months agoFrederica
1 months agoElli
2 months agoTiera
2 months agoMarshall
1 months agoOzell
2 months agoWilliam
2 months agoBettina
2 months ago