Certified Information Security Manager (CISM) — Question 456

Who should an information security manager contact FIRST upon discovering that a cloud-based payment system used by the organization may be infected with malware?

Answer options

• A. Senior management
• B. Affected customers
• C. Cloud service provider
• D. The incident response team

Correct answer: D

Explanation

The incident response team should be contacted first because they are trained to handle security incidents and can initiate the appropriate response procedures. Senior management, affected customers, and the cloud service provider should be informed later, but immediate action to mitigate the threat is crucial, making the incident response team the priority.