Incident Response Plan Implementation: Best Practices and Considerations

Regular Implementations of Incident Response Plan

Question

A company developed an incident response plan 18 months ago.

Regular implementations of the response plan are carried out.

No changes have been made to the response plan since its creation.

Which of the following statements about the plan is correct?

Answers

Explanations

A. B. C. D.

Answer: C.

Option A is incorrect because we do not know this for a fact.

Option B is incorrect because the question confirms the response plan has been carried out on a regular basis.

Option C is CORRECT because AWS keeps changing and adding new services.

Since the existing plan was last updated 18 months ago, we know for a fact that it would not cater to these new services.

Option D is incorrect because the plan does not fully follow the best practices, since it has not been updated for 18 months.

For more information on the incident response plan, kindly visit the following URL:

https://aws.amazon.com/blogs/publicsector/building-a-cloud-specific-incident-response-plan/

The correct statement about the incident response plan that the company developed 18 months ago and regularly implements without any changes is:

C. The response plan does not cater to new services as the plan is not updated for 18 months.

Explanation: An incident response plan is a documented set of procedures that a company follows in the event of a security breach or other incident. It includes actions that should be taken to identify, contain, investigate, and mitigate the impact of the incident.

Regular implementation of an incident response plan is a good practice because it helps to ensure that the plan is effective and up-to-date. However, in this case, the plan has not been updated for 18 months, which means it may not cater to new services or technologies that the company has adopted since the plan's creation. This is a potential weakness because the plan may not be effective in addressing incidents related to these new services or technologies.

Option A is incorrect because we do not have any information that the plan places too much emphasis on already implemented security controls. The plan's content is unknown, so we cannot make such assumptions without evaluating it.

Option B is incorrect because we are told that the plan is implemented regularly. Therefore, the plan is implemented, but it may not be updated for new services.

Option D is incorrect because we do not know whether the incident response plan follows AWS best practices or not. Even if it does follow best practices, it may still need updating to cater to the company's new services and technologies.