Certified Information Security Manager (CISM) — Question 718

Which of the following provides an information security manager with the MOST accurate indication of the organization's ability to respond to a cyber attack?

Answer options

• A. Walk-through of the incident response plan
• B. Black box penetration test
• C. Simulated phishing exercise
• D. Red team exercise

Correct answer: D

Explanation

A Red team exercise provides a realistic simulation of an attack, allowing for a comprehensive assessment of the organization's defenses and response capabilities. In contrast, a walk-through of the incident response plan may not test actual readiness, a black box penetration test focuses on finding vulnerabilities without a holistic view, and a simulated phishing exercise primarily tests user awareness rather than overall response capability.