Which of the following is a critical operational component of an Incident Response Program (IRP)?
Which of the following is a critical operational component of an Incident Response Program (IRP)?
Daily monitoring of vulnerability advisories relating to your organization's deployed technologies is a critical operational component of an Incident Response Program (IRP). This practice ensures that the organization stays informed about potential vulnerabilities in real-time and can quickly respond to any threats, which is essential for maintaining security and mitigating risk.
Correct Answer C. Annual review of program charters, policies, procedures and organizational agreements.
monitoring of events is not an IR activity; event management performs that, and if not determined incident, IR team is not involved
C. Annual review of program charters, policies, procedures and organizational agreements. Explanation: A critical operational component of an Incident Response Program (IRP) is the annual review of program charters, policies, procedures, and organizational agreements. This ensures that the program stays up to date with the latest threat landscape, organizational changes, compliance requirements, and technological advancements. Regular reviews help in adapting the program to evolving risks and ensuring that all necessary stakeholders are aligned on the roles, responsibilities, and procedures in the event of a security incident.