🔥 3-day streak
CompTIA SecurityX (CAS-005)71 / 120
Question 71 of 120

Following a major outage caused by a ransomware infection that spread from a single phishing-compromised workstation, the incident response team has completed containment and full recovery. During the lessons-learned meeting, the security manager wants to ensure the review produces durable improvements rather than assigning individual blame. Which approach BEST supports identifying systemic corrective actions at the root-cause level?

Reviewed for accuracy · Report an issueNext question