To prevent disasters from happening

To minimize the impact of disasters on the organization

To recover the lost data and resume normal operations

To document the lessons learned from disasters

Backup systems, generators, communication devices, and emergency kits

Fire extinguishers, smoke detectors, alarms, and sprinklers

Insurance policies, contracts, legal documents, and financial records

All of the above

Once a year

After every major change in the organization or environment

Whenever there is a new threat or vulnerability

All of the above

Containment

Identification

Recovery

Eradication

To define the roles and responsibilities of the incident response team

To document the procedures and guidelines for responding to incidents

To establish the goals and objectives of the incident response function

All of the above

To review and update the policy regularly based on feedback and lessons learned

To create a generic policy that can be applied to any type of incident

To keep the policy confidential and only share it with senior management

To avoid testing and auditing the policy to prevent disruptions

To prevent unauthorized access to your personal and confidential information

To make it easier for you to remember your password

To avoid getting spam emails and phishing messages

To comply with the legal and regulatory requirements of your organization