A post-incident review should be conducted by an incident management team to determine:

A post-incident review should be conducted by an incident management team to determine:

A post-incident review should be conducted by an incident management team to determine:

A.
relevant electronic evidence.

B.
lessons learned.

C.
hacker’s identity.

D.
areas affected.

Explanation:

Post-incident reviews are beneficial in determining ways to improve the response process through
lessons learned from the attack. Evaluating the relevance of evidence, who launched the attack or
what areas were affected are not the primary purposes for such a meeting because these should
have been already established during the response to the incident.



Leave a Reply 0

Your email address will not be published. Required fields are marked *