CompTIA CySA+ CS0-003 Practice Question
During a tabletop exercise, the incident response team of a financial services firm is presented with a scenario where a phishing campaign has led to the compromise of multiple employee credentials. What is the PRIMARY purpose of conducting this type of exercise?
To train the incident response team on new security tools
To evaluate and improve the incident response plan by simulating a realistic incident scenario
To document the response actions for legal compliance purposes
To repair any damages caused by the simulated phishing attack