Implementing Cisco Cybersecurity Operations (SECOPS, legacy) — Question 3

Which option can be addressed when using retrospective security techniques?

Answer options

• A. if the affected host needs a software update
• B. how the malware entered our network
• C. why the malware is still in our network
• D. if the affected system needs replacement

Correct answer: B

Explanation

The correct answer is B because retrospective security techniques focus on analyzing past events to determine the entry points of threats like malware. The other options address different aspects of system management or response rather than the investigation of the initial intrusion method.