CompTIA Security+ (SY0-601) — Question 54

The Chief Information Security Officer (CISO) of a bank recently updated the incident response policy. The CISO is concerned that members of the incident response team do not understand their roles. The bank wants to test the policy but with the least amount of resources or impact. Which of the following BEST meets the requirements?

Answer options

• A. Warm site failover
• B. Tabletop walk-through
• C. Parallel path testing
• D. Full outage simulation

Correct answer: B

Explanation

A tabletop walk-through is an effective way to evaluate the incident response policy in a low-resource and low-impact manner, as it involves discussion and review rather than practical execution. In contrast, warm site failover, parallel path testing, and full outage simulation require more resources and can disrupt operations, making them less suitable for the bank's objectives.