CISM Certified Information Security Manager – Question0782

During which phase of an incident response process should corrective actions to the response procedure be considered and implemented?

A.
Eradication
B. Review
C. Containment
D. Identification

Correct Answer: A