Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Mahender
Newcomer II
Saturday
Saturday

incident management steps identified by (ISC)2

3. In the incident management steps identified by (ISC)2
, which of the following occurs first?
A. Response
B. Mitigation
C. Remediation
D. Lessons learned

 

Seems the ISC 2 9th edition questions have typo, in the above question the answer has been given as D, but the explanation says  Detection which was not given in the options.

D. The first step is detection. The seven steps (in order) are detection, response, mitigation,
reporting, recovery, remediation, and lessons learned.

Reply
0 Kudos
6 Replies
dcontesti
Community Champion
Monday
Monday

@CBMExamTeam Can you folks have someone contact @Mahender to resolve their issues.

 

We on the forum do not necessarily have access to  ISC 2 9th edition questions nor do we have the ability to make corrections.

 

@mahender  Your concerns should be directed to Exam Administration.

 

I agree D is not the correct answer as the question is posted

 

d

Reply
0 Kudos
emb021
Advocate I
Tuesday
Tuesday

Huh?

NIST has already identified the steps for incident management (see NIST SP800-61R3), which is followed by SANS in their training.

There are *6* steps, not 7.

They are:

Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned

Detection is most certainly NOT the first step.

I hope ISC2 is following this industry accepted process in their training and testing.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
0 Kudos
CBMExamTeam
ISC2 Team
ISC2 Team
yesterday
yesterday

@dcontesti @Mahender 

Thank you for reaching out via the ISC2 Community board.

Please see the lengthy reply with contact information for Wiley & Sons.

Also, I would be remiss if I didn't point out that these questions arise from The ISC2 CISSP Certified Information Systems Security Professional Official Study Guide (Sybex Study Guide) 9th ed published in 2021.

The latest edition, published in 2024, is the 10th edition. The discrepancies you are finding may well have been addressed in this current version. That might be another question for Wiley & Sons. 

Reply
Mahender
Newcomer II
13 hours ago
13 hours ago

Hi Team, 

 

Thanks for addressing. How could I get the latest 10th edition.

 

Thanks/Mahender.

Reply
0 Kudos
ericgeater
Community Champion
3 hours ago
3 hours ago

@denbesten Here's the errata itself for that specific book.  As  @CBMExamTeam mentioned, you can email to submit something as an errata, but did @Mahender check the errata list to see if his question was previously addressed?

-----------
A claim is as good as its veracity.
Reply
0 Kudos