Certified Information Security Manager (CISM) — Question 787

Network isolation techniques are immediately implemented after a security breach to.

Answer options

• A. allow time for key stakeholder decision making.
• B. reduce the extent of further damage.
• C. enforce zero trust architecture principles.
• D. preserve evidence as required for forensics.

Correct answer: B

Explanation

The correct answer is B, as isolating the network helps to limit the damage caused by the breach. Options A and C are not immediate actions taken after a breach, while D, although important, focuses on evidence preservation rather than damage control.