CertNexus Certified Cyber Secure Coder (CSC) — Question 33

A company that maintains a public city infrastructure was breached and information about future city projects was leaked. After the post-incident phase of the process has been completed, which of the following would be PRIMARY focus of the incident response team?

Answer options

• A. Restore service and eliminate the business impact.
• B. Determine effective policy changes.
• C. Inform the company board about the incident.
• D. Contact the city police for official investigation.

Correct answer: B

Explanation

The primary focus after the post-incident phase is to assess and implement policy changes to prevent future breaches, making option B the correct choice. While restoring services, informing the board, and involving law enforcement are important, they are secondary to ensuring that effective policies are in place to enhance security and prevent recurrence.