Free ISACA CISM Actual Exam Questions - Question 5 Discussion
of the organization's ability to respond to a cyber attack?
C imo, simulated phishing directly tests user awareness and initial response, which is a big part of actual incident handling, unlike walkthroughs or just penetration tests.
B. A black box test is more about seeing how the team handles unknown threats in real-time, which really tests their actual response skills instead of just planning or simulated attacks.
I think B makes the most sense here because a black box test shows how the team reacts to unexpected attacks without prior knowledge, which really tests real response ability under pressure. B
A imo, walking through the plan helps spot gaps in coordination and decision-making, which is key for responding quickly. Tests are great, but without a clear plan walkthrough, the response can get messy.
It’s B. A black box penetration test really shows how well the defenses hold up when an attacker knows nothing about the system upfront. Unlike a red team exercise where insiders might have some info or advantages, black box testing simulates a real external threat more accurately. That makes it a solid way to measure actual response capability.
Option D seems like the best real-world test of how they handle attacks.