Free CompTIA Security+ SY0-701 Practice Question

During a post-incident review meeting, a security analyst is tasked with improving the incident response process based on recent events. Which of the following actions would BEST ensure a positive impact on future incident response capabilities?

  • Updating the Incident Response Plan with specific improvements identified from the incident.

  • Deciding that the existing Incident Response Plan is sufficient since the incident was eventually contained.

  • Conducting a review of historical incident trends without making changes to existing procedures.

  • Revising all security training materials without assessing their relevance to the incident.

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.