After the occurrence of a major information security incident, which of the following will BEST help an information security manager determine corrective actions?
A. Calculating cost of the incident
B. Conducting a postmortem assessment
C. Preserving the evidence
D. Performing am impact analysis
A. Calculating cost of the incident
B. Conducting a postmortem assessment
C. Preserving the evidence
D. Performing am impact analysis