PrepAway - Latest Free Exam Questions & Answers

The PRIMARY objective of performing a postincident revi…

The PRIMARY objective of performing a postincident review is that it presents an opportunity to:

PrepAway - Latest Free Exam Questions & Answers

A.
improve internal control procedures.

B.
harden the network to industry best practices.

C.
highlight the importance of incident response management to management.

D.
improve employee awareness of the incident response process.

Explanation:
A postincident review examines both the cause and response to an incident. The lessons learned from the
review can be used to improve internal controls. Understanding the purpose and structure of postincident
reviews and follow-up procedures enablesthe information security manager to continuously improve the security
program. Improving the incident response plan based on the incident review is an internal (corrective) control.The network may already be hardened to industry best practices. Additionally, the network may not be the
source of the incident. The primary objective is to improve internal control procedures, not to highlight the
importance of incident response management (IRM), and an incident response (IR) review does not improve
employee awareness.


Leave a Reply