CompTIA Security+ (SY0-601) — Question 855

Which of the following is the BEST action to foster a consistent and auditable incident response process?

Answer options

• A. Incent new hires to constantly update the document with external knowledge.
• B. Publish the document in a central repository that is easily accessible to the organization.
• C. Restrict eligibility to comment on the process to subject matter experts of each IT silo.
• D. Rotate CIRT members to foster a shared responsibility model in the organization.

Correct answer: B

Explanation

Publishing the document in a central repository that is easily accessible ensures that all members of the organization can refer to the same guidelines, which promotes consistency in incident response. The other options either limit collaboration, do not ensure accessibility, or focus on encouraging updates rather than maintaining a standardized process.