CompTIA Security+ SY0-601 – Question036

The Chief Information Security Officer (CISO) requested a report on potential areas of improvement following a security incident. Which of the following incident response processes is the CISO requesting?


A.
Lessons learned
B. Preparation
C. Detection
D. Containment
E. Root cause analysis

Correct Answer: E