Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam Lead-Cybersecurity-Manager Topic 1 Question 5 Discussion

Actual exam question for PECB's Lead-Cybersecurity-Manager exam
Question #: 5
Topic #: 1
[All Lead-Cybersecurity-Manager Questions]

Scenario 8: FindaxLabs is a financial institution that offers money transfers services globally The company Is known for quick money transfers at a low cost. To transfer money, users register with their email addresses and submit a photo of their ID card for identity verification. They also need to provide the recipient s bank account details alongside their own bank account details. Users can track the transfer through their accounts, either from the website or mobile app. As the company operates in a highly sensitive industry, it recognizes the importance of ensuring cybersecurity. As such, FindaxLabs has addressed its cybersecurity concerns through its business continuity plan.

Nevertheless, a few months ago, FindaxLabs detected suspicious activity on its network and realized that it was being attacked The attackers tried to gain access to customer information. Including emails, bank account numbers, and records of financial transactions. Upon receiving the alert, the incident response team responded swiftly Following the ICT readiness for business continuity (IRBC) policy and procedures, they immediately took down the communication channels to the server and went offline. Subsequently, they conducted vulnerability testing and network scanning, but did not identify any other backdoors. After dodging this attack, the company completely changed its approach toward cyber threats. Consequently, cybersecurity became one of their highest priorities.

FindaxLabs established a more comprehensive cybersecurity incident management plan based on its cybersecurity Incident management policy 10 effectively handle and mitigate future incidents and vulnerabilities. The cybersecurity incident management plan outlined a structured approach based on industry best practices and included various phases of the incident response process

The company also created a post-incident report to evaluate the effectiveness of their response capabilities and identify areas for improvement It documented all relevant information related to the incident, such as category, priority, status, and actions taken to resolve it Based on this documentation, it defined the IRBC activities that helped them respond to and recover from disruptions, creating an IRBC timeline. The timeline consisted of three main stages: incident detection, response, and recovery. The company evaluated whether IRBC objectives were met for each phase. Through this evaluation, they determined that improved collaboration between business managers and ICT staff, as well as the implementation of preventive measures such as antivirus and firewalls, would have provided layered protection and better integration of cybersecurity into the business continuity strategy.

Based on the scenario above, answer the following question:

Based on scenario 8. FindaxLabs established the cybersecurity incident management plan based on Us cybersecurity incident management policy. Is this a good practice to follow?

Show Suggested Answer Hide Answer
Suggested Answer: C

Establishing a cybersecurity incident management plan based on the cybersecurity incident management policy is a good practice. The policy provides a framework and guidelines for managing incidents, while the plan outlines the specific steps and procedures to be followed. This alignment ensures consistency and comprehensiveness in the organization's approach to incident management. Reference for this practice include ISO/IEC 27035, which provides guidelines for information security incident management, emphasizing the need for policies and plans that work together to address and manage incidents effectively.


Contribute your Thoughts:

Emerson
3 months ago
Yes, it ensures consistency and alignment with industry best practices.
upvoted 0 times
...
Lea
3 months ago
I believe the plan should be based on the cybersecurity incident management policy.
upvoted 0 times
...
Audra
3 months ago
Haha, of course a plan is necessary! How else will they know what to do when the hackers strike? Gotta have a playbook, am I right?
upvoted 0 times
Willard
2 months ago
Haha, of course a plan is necessary! How else will they know what to do when the hackers strike? Gotta have a playbook, am I right?
upvoted 0 times
...
Onita
2 months ago
C) Yes. a cybersecurity incident management plan should be based on the cybersecurity incident management policy
upvoted 0 times
...
...
Mi
3 months ago
I agree, the policy and plan should be integrated for a more comprehensive approach. This allows for seamless execution during an incident.
upvoted 0 times
Tonette
2 months ago
I agree. Integration of the plan into the policy ensures a cohesive and effective Tonette to incidents.
upvoted 0 times
...
Tonette
3 months ago
Yes. a cybersecurity incident management plan should be based on the cybersecurity incident management policy
upvoted 0 times
...
...
Ilona
3 months ago
I agree. It helps in handling and mitigating future incidents.
upvoted 0 times
...
Emerson
3 months ago
I think having a cybersecurity incident management plan is important.
upvoted 0 times
...
Roselle
3 months ago
Yes, it's a good practice to develop a cybersecurity incident management plan based on the policy. Separation of policy and plan ensures a clear framework for incident response.
upvoted 0 times
Claribel
3 months ago
C) Yes. a cybersecurity incident management plan should be based on the cybersecurity incident management policy
upvoted 0 times
...
Cruz
3 months ago
B) No. the cybersecurity incident management plan must be integrated in the cybersecurity Incident management policy
upvoted 0 times
...
Lakeesha
3 months ago
A) No. it is not necessary to develop a cybersecurity incident management policy and a plan, since they address the same concerns
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77