🔥 3-day streak
Professional Security Operations Engineer33 / 241
Question 33 of 241
Following a confirmed business email compromise incident, your SecOps team completed a blameless post-incident review. The review produced eight corrective actions, ranging from enabling phishing-resistant MFA to updating a SOAR playbook that lacked an approval gate. Two weeks later, leadership asks the SOC manager to demonstrate that the incident's lessons are actually reducing organizational risk. Which practice BEST ensures the post-incident review translates into measurable risk reduction?
Reviewed for accuracy · Report an issueNext question