After an incident, a security analyst needs to perform a forensic analysis to report complete information to a company stakeholder. Which of the following is most likely the goal of the forensic analysis in this case?
D. Determine root cause information
By understanding the root cause, the analyst can:
Identify vulnerabilities: Pinpoint weaknesses that were exploited.
Implement preventive measures: Take steps to prevent similar incidents in the future.
Improve incident response: Learn from the incident and refine response procedures.
Comply with regulations: Demonstrate due diligence and meet regulatory requirements.
I think this question is poor. It could be A in my opinion due to this being reported specifically for a company stakeholder and therefore a full picture may need to be provided.
The keywords that made me consider D instead of A are the words "existing risks" in answer A. I wouldn't want to assume that those risks still exist, they could've been eradicated/remediated during the IR process.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.CS0-003 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ChopSNap
Highly Voted 5 months agoCyde
Most Recent 2 months, 2 weeks agostudy_study
3 months agofafd232_
2 weeks, 6 days ago