A breach was discovered after several customers reported fraudulent charges on their accounts. The attacker had exported customer logins and cracked passwords that were hashed but not salted. Customers were made to reset their passwords.
Shortly after the systems were cleaned and restored to service, it was discovered that a compromised system administrator’s account was being used to give the attacker continued access to the network.
Which CIS Control failed in the continued access to the network?
A . Maintenance, Monitoring, and Analysis of Audit Logs
B . Controlled Use of Administrative Privilege
C . Incident Response and Management
D . Account Monitoring and Control
Answer: C