CompTIA Security+ SY0-701 Practice Question
Which activity is MOST critical for an organization to perform when establishing an incident response capability to ensure effectiveness during security incidents?
Conducting regular employee background checks
Distributing the employee security handbook
Holding a retrospective meeting to discuss incident handling
Developing and documenting the incident response policy