Certified Information Security Manager (CISM) — Question 169

Which of the following is a PRIMARY function of an incident response team?

Answer options

• A. To provide a single point of contact for critical incidents
• B. To provide a risk assessment for zero-day vulnerabilities
• C. To provide a business impact analysis (BIA)
• D. To provide effective incident mitigation

Correct answer: D

Explanation

The correct answer is D because the primary role of an incident response team is to manage and mitigate incidents effectively to minimize damage. Options A, B, and C refer to supportive roles or assessments that are important but not the primary focus of incident response.