Two weeks after an incident involving ransomware, the members of an organization want to review the incident in detail. Which of the following actions should be done during this review? Select all that apply.

Sound the Alarm: Detection and Response | Weekly challenge 3 Quiz | 

Two weeks after an incident involving ransomware, the members of an organization want to review the incident in detail. Which of the following actions should be done during this review? Select all that apply.

  • Determine the person to blame for the incident.
  • Schedule a lessons learned meeting that includes all parties involved with the security incident.
  • Create a final report.
  • Determine how to improve future response processes and procedures.

 

Leave a Comment