During an audit as a third party security consultant you are told that the organization being audited conducts an exercise annually during which prominent IT staff and the security team gather in a meeting room and discuss how they would handle various security incidents and disaster scenarios. This exercise is then used to update any policies and playbooks. What type of exercise are they describing?

  • Business Impact Exercise (BIE)
  • Tabletop Exercise
  • Incident Response Planning (IRP)
  • DR Planning
  • Dungeons and Dragons (DND)

CompTIA Security+ SY0-601
  • Attacks, Threats, and Vulnerabilities
  • Architecture and Design
  • Implementation
  • Operations and Incident Response
    • This question is filed here
  • Governance, Risk, and Compliance