CompTIA CASP+ (CAS-003) — Question 283
Due to a recent breach, the Chief Executive Officer (CEO) has requested the following activities be conducted during incident response planning:
✑ Involve business owners and stakeholders
✑ Create an applicable scenario
✑ Conduct a biannual verbal review of the incident response plan
✑ Report on the lessons learned and gaps identified
Which of the following exercises has the CEO requested?
Answer options
- A. Parallel operations
- B. Full transition
- C. Internal review
- D. Tabletop
- E. Partial simulation
Correct answer: D
Explanation
The correct answer is D, Tabletop, as it involves discussions and simulations of potential incidents with stakeholders to review responses and identify gaps. The other options do not specifically focus on collaborative discussions with stakeholders about incident scenarios and lessons learned as required by the CEO.