Exam ISO-IEC-27035-Lead-Incident-Manager Topic 4 Question 55 Discussion
Actual exam question for PECB's ISO-IEC-27035-Lead-Incident-Manager exam
Question #: 55
Topic #: 4
Question #: 55
Topic #: 4
What is the primary focus of internal exercises in information security incident management?
Suggested Answer: C Vote an answer
Comprehensive and Detailed Explanation From Exact Extract:
Internal exercises, such as simulations, tabletop exercises, and mock drills, are designed primarily to assess the readiness, coordination, and performance of the internal incident response team (IRT). According to ISO
/IEC 27035-2:2016, these exercises aim to validate that the IRT understands their roles, follows documented procedures, and can act effectively under pressure.
While external collaboration (Options A and B) may be tested during joint exercises or industry-wide scenarios, the focus of internal exercises is on internal capabilities. These exercises help identify gaps in training, procedures, communication, and escalation pathways.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 7.3.3: "Exercises and simulations should be conducted to test the readiness of the incident response capability." NIST SP 800-84: "Regular exercises increase response efficiency and allow staff to develop incident handling confidence." Correct answer: C
-
Internal exercises, such as simulations, tabletop exercises, and mock drills, are designed primarily to assess the readiness, coordination, and performance of the internal incident response team (IRT). According to ISO
/IEC 27035-2:2016, these exercises aim to validate that the IRT understands their roles, follows documented procedures, and can act effectively under pressure.
While external collaboration (Options A and B) may be tested during joint exercises or industry-wide scenarios, the focus of internal exercises is on internal capabilities. These exercises help identify gaps in training, procedures, communication, and escalation pathways.
Reference Extracts:
ISO/IEC 27035-2:2016, Clause 7.3.3: "Exercises and simulations should be conducted to test the readiness of the incident response capability." NIST SP 800-84: "Regular exercises increase response efficiency and allow staff to develop incident handling confidence." Correct answer: C
-
by Lyndon at Apr 11, 2026, 08:20 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).