CompTIA CySA+ (CS0-002) — Question 51

A company recently experienced financial fraud, which included shared passwords being compromised and improper levels of access being granted.

The company has asked a security analyst to help improve its controls. Which of the following will MOST likely help the security analyst develop better controls?

Answer options

• A. An evidence summarization
• B. An incident response plan
• C. A lessons-learned report
• D. An indicator of compromise

Correct answer: C

Explanation

The correct answer is C, as a lessons-learned report provides insights into what went wrong during the fraud incident and helps identify gaps in security practices. Options A, B, and D do not focus specifically on the evaluation and improvement of controls based on past incidents like option C does.