🔥 3-day streak
CompTIA SecurityX (CAS-005)53 / 120
Question 53 of 120

After a major ransomware incident, a security operations manager is asked to establish measurable improvements for the incident response program. During the lessons-learned review, the team notes that although the malware was contained quickly, three days passed between the initial phishing compromise and the first analyst alert. The manager wants to select a single metric that most directly targets this specific weakness so improvement can be tracked over future incidents. Which metric should the manager prioritize?

Reviewed for accuracy · Report an issueNext question