🔥 3-day streak
ISACA CISM — Certified Information Security Manager39 / 121
Question 39 of 121

Following a sophisticated malware incident, the response team has removed the malicious code, patched the exploited vulnerability, and restored affected systems from clean backups. Business operations have resumed normally. Before formally declaring the incident closed, what should the incident manager ensure is done FIRST?

Reviewed for accuracy · Report an issueNext question