Which of the following would be MOST useful to an information security manager when conducting a post-incident review of an attack?
A. Details from intrusion detection system logs
B. Method of operation used by the attacker
C. Cost of the attack to the organization
D. Location of the attacker
A. Details from intrusion detection system logs
B. Method of operation used by the attacker
C. Cost of the attack to the organization
D. Location of the attacker