Certified Information Security Manager (CISM) — Question 692

Which of the following is the MOST effective method for testing an incident response plan?

Answer options

• A. Disaster recovery testing
• B. Risk assessment
• C. Tabletop exercises
• D. Industry benchmarking

Correct answer: C

Explanation

Tabletop exercises are the most effective method for testing an incident response plan because they simulate real-life scenarios in a controlled environment, allowing teams to practice their response and identify gaps. Disaster recovery testing focuses more on restoring systems after incidents, while risk assessments and industry benchmarking do not provide practical testing of the response plan itself.