Question

Pan has just been hired as the new cybersecurity manager for a growing organization. The organization has never had a specific security-based role before. He asks other employees in the IT department how they handle incidents such as malware and viruses, and he gets a lot of different answers. Which of the following might help ensure that standard best practices are followed in these situations?

a. Incident response plan
b. Chain of custody form
c. Escalation list
d. Incident form

Answer 1

To standardize how incidents like malware and viruses are handled, a new cybersecurity manager should create an incident response plan that details procedures and assigns specific roles.

Step-by-step explanation:

To ensure that standard best practices are followed when handling incidents such as malware and viruses, Pan, the new cybersecurity manager, might implement an incident response plan. This plan provides a structured methodology for responding to security incidents in a consistent and effective manner. It defines the roles and responsibilities of the incident response team, outlines how to classify and prioritize incidents, and describes the processes to follow for containment, eradication, and recovery. Having a formalized plan in place helps reduce the variability of responses from different team members and ensures a coordinated effort to address security threats.