Exam ISO-IEC-27035-Lead-Incident-Manager Topic 1 Question 50 Discussion

Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 50
Topic #: 1
Scenario 1: RoLawyers is a prominent legal firm based in Guadalajara, Mexico. It specializes in a wide range of legal services tailored to meet the diverse needs of its clients. Committed to excellence and integrity, RoLawyers has a reputation for providing legal representation and consultancy to individuals, businesses, and organizations across various sectors.
Recognizing the critical importance of information security in today's digital landscape, RoLawyers has embarked on a journey to enhance its information security measures. This company is implementing an information security incident management system aligned with ISO/IEC 27035-1 and ISO/IEC 27035-2 guidelines. This initiative aims to strengthen RoLawyers' protections against possible cyber threats by implementing a structured incident response process to provide guidance on establishing and maintaining a competent incident response team.
After transitioning its database from physical to online infrastructure to facilitate seamless information sharing among its branches, RoLawyers encountered a significant security incident. A malicious attack targeted the online database, overloading it with traffic and causing a system crash, making it impossible for employees to access it for several hours.
In response to this critical incident, RoLawyers quickly implemented new measures to mitigate the risk of future occurrences. These measures included the deployment of a robust intrusion detection system (IDS) designed to proactively identify and alert the IT security team of potential intrusions or suspicious activities across the network infrastructure. This approach empowers RoLawyers to respond quickly to security threats, minimizing the impact on their operations and ensuring the continuity of its legal services.
By being proactive about information security and incident management, RoLawyers shows its dedication to protecting sensitive data, keeping client information confidential, and earning the trust of its stakeholders.
Using the latest practices and technologies, RoLawyers stays ahead in legal innovation and is ready to handle cybersecurity threats with resilience and careful attention.
According to scenario 1, RoLawyers incorporated a structured incident management process to provide guidance on establishing and maintaining a competent incident response team. Is this acceptable?

Suggested Answer: A

Comprehensive and Detailed Explanation From Exact Extract:
ISO/IEC 27035-1:2016 and ISO/IEC 27035-2:2016 provide comprehensive guidance on managing information security incidents through a structured incident management process. These documents emphasize the importance of establishing, maintaining, and continually improving an incident response capability, which includes forming a competent incident response team.
The structured incident management process is designed to ensure that organizations can respond effectively and efficiently to incidents, minimizing damage and impact. Specifically, ISO/IEC 27035-2 addresses the practical aspects of incident response, including the formation of an incident response team, their roles, responsibilities, and the need for appropriate skills and training.
The standard explicitly states that a competent incident response team is critical to the incident management lifecycle, which involves preparation, detection and reporting, assessment and decision, responses, and lessons learned. The establishment and maintenance of such a team ensure that the organization is capable of managing incidents with professionalism and consistency.
Furthermore, the structured process helps organizations not only to react to incidents but also to improve resilience through continual learning and process refinement. Preventive measures are part of a broader information security management system (ISMS), but incident management focuses primarily on effective response and recovery, supported by trained personnel.
In the scenario, RoLawyers' approach aligns fully with the ISO/IEC 27035 guidelines. By implementing a structured incident management process and forming a competent incident response team, the firm enhances its ability to deal with threats proactively and respond to incidents efficiently.
Reference Extracts from ISO/IEC 27035-1:2016 and ISO/IEC 27035-2:2016:
* ISO/IEC 27035-1, Section 4.2 (Incident Management Process): "An effective incident management process requires the establishment and maintenance of an incident response capability including a competent incident response team."
* ISO/IEC 27035-2, Section 5.2 (Incident Response Team): "The incident response team should have clearly defined roles and responsibilities and possess the necessary skills and training to manage information security incidents."
* ISO/IEC 27035-2, Introduction: "Incident management activities primarily focus on preparing, detecting, responding, and learning from incidents, rather than solely on prevention."
Thus, the correct interpretation confirms that option A is the appropriate answer: implementing a structured incident management process with a competent incident response team is acceptable and strongly recommended.

by Hulda at Mar 31, 2026, 12:15 AM
