Which of the following is the MOST important reason for an IS auditor to examine the results of a post-incident review performed after a security incident?

QuestionsCategory: CISAWhich of the following is the MOST important reason for an IS auditor to examine the results of a post-incident review performed after a security incident?
Admin Staff asked 5 months ago
Which of the following is the MOST important reason for an IS auditor to examine the results of a post-incident review performed after a security incident?

A. To re-analyze the incident to identify any hidden backdoors planted by the attacker

B. To evaluate the effectiveness of the network firewall against future security breaches

C. To compare incident response metrics with industry benchmarks

D. To evaluate the effectiveness of continuous improvement efforts








 

Suggested Answer: D

Community Answer: D



This question is in CISA Certified Information Systems Auditor Exam
For getting Certified Information Systems Auditor (CISA) Certificate










Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA. 
Trademarks, certification & product names are used for reference only and belong to ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.

Next Post

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.