A post-incident review should be conducted by an incide…

A post-incident review should be conducted by an incident management team to determine:

A post-incident review should be conducted by an incident management team to determine:

A.
relevant electronic evidence.

B.
lessons learned.

C.
hacker’s identity.

D.
areas affected.

Explanation:
learned from the attack. Evaluating the relevance of evidence, who launched the attack or what areas were affected are not the primary purposes for such a meeting because these should have been already established during the response to the incident.



Leave a Reply 0

Your email address will not be published. Required fields are marked *