This might be a misunderstanding on my part, but it looks to me that security incident response can't make up it's mind if it's a 4, 5, 6 or 7 step process? I noticed during my practice exams that one exam said it was 4 steps, the other test platform says its 5. Then I went and googled it and it only got more confusing with 7 steps popping up. Can any elaborate on this? or just clear up the misunderstanding if there is one.