An organization has decided to conduct a postmortem analysis after experiencing a loss from an information security attack. The PRIMARY purpose of this analysis should be to:
A. prepare for criminal prosecution.
B. document lessons learned.
C. evaluate the impact.
D. update information security policies.
A. prepare for criminal prosecution.
B. document lessons learned.
C. evaluate the impact.
D. update information security policies.