A multinational organization was hacked, and the incident response team’s timely action prevented a major disaster. Following the event, the team created an after action report. Which of the following is the primary goal of an after action review?
A.
To gather evidence for subsequent legal action
B.
To determine the identity of the attacker
C.
To identify ways to improve the response process
C. To identify ways to improve the response process
After action reviews are conducted to assess the effectiveness of the response process, identify any gaps or weaknesses, and determine how the organization can improve its incident response in the future. It is not primarily focused on gathering legal evidence or identifying attackers but rather on learning from the incident to enhance security practices.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
cf13076
6 months, 3 weeks ago