CompTIA Security+ (SY0-701) — Question 455

A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, social engineering, and business email compromise. Which of the following documents would be most relevant to revise as part of this process?

Answer options

• A. SDLC
• B. IRP
• C. BCP
• D. AUP

Correct answer: B

Explanation

The Incident Response Plan (IRP) is crucial for outlining how to detect and respond to security incidents, making it the most relevant document to revise in this context. The Software Development Life Cycle (SDLC) focuses on software processes, while the Business Continuity Plan (BCP) deals with maintaining business functions during disruptions, and the Acceptable Use Policy (AUP) governs user behavior, none of which directly address the response to security threats.