CompTIA Security Plus Mock Test Q261

Which of the following is BEST carried out immediately after a security breach is discovered?

A. Risk transference
B. Access control revalidation
C. Change management
D. Incident management

Correct Answer: D
Section: Compliance and Operational Security

Incident management is the steps followed when security incident occurs.

Incorrect Answers:
A: Risk transference involves sharing some of the risk burden with someone else, such as an insurance company.
B: Revalidating access control is a technical control type and is done mainly to test the existing access control measures in place.
C: Change management is the structured approach that is followed to secure a company’s assets.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 10