ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
While monitoring an AWS-hosted application late at night, a junior analyst sees unusually high outbound traffic that may indicate data exfiltration. The incident response lead begins executing the organization's incident communication plan. According to NIST SP 800-61 guidance on detection, analysis, and escalation, which feature of the plan most directly enables the team to distribute timely, accurate, and consistent information to all affected stakeholders and avoid misinformation?
Instructions for technical staff to purge security logs until an official statement can be drafted.
A rule that all customer-facing services must be taken offline immediately after any suspicious network alert.
A requirement that no information may be shared externally until the CEO personally conducts a press conference.
Predefined stakeholder contact details and standardized notification templates vetted by legal and public-relations teams.
NIST SP 800-61 Rev. 2 states that an incident communication plan should contain up-to-date contact lists and pre-approved message templates so responders can quickly reach the right internal and external parties and relay consistent information without having to craft ad-hoc wording during a stressful event. This accelerates notification, reduces the chance of contradictory or incomplete statements, and supports coordinated public-relations and legal requirements. Simply mandating service shutdowns, deleting logs, or delaying messages until after legal review does not fulfill the objective of rapid, accurate communication and may actually hinder effective response.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is NIST SP 800-61?
Open an interactive chat with Bash
Why are predefined contact details and notification templates important in incident response?
Open an interactive chat with Bash
What is data exfiltration, and why is it a concern?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Incident Response and Recovery
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .