🔥 3-day streak
ISACA CISM — Certified Information Security Manager49 / 121
Question 49 of 121

An information security manager wants to validate that the organization's newly documented incident response plan will function correctly during a real event, without disrupting production systems or requiring staff to perform actual technical recovery steps. The manager needs the response team to walk through their roles, decision points, and communication flows for a simulated ransomware scenario. Which testing method is MOST appropriate to meet these objectives?

Reviewed for accuracy · Report an issueNext question