Certified Information Security Manager (CISM) — Question 1185

Which of the following is MOST important for responding effectively to security breaches?

Answer options

• A. Chain of custody
• B. Incident classification
• C. Log monitoring
• D. Communication plan

Correct answer: B

Explanation

Incident classification is vital as it helps determine the severity and type of breach, guiding the appropriate response. While chain of custody, log monitoring, and a communication plan are important, they are secondary to understanding the nature of the incident for effective action.