Which of the following should be the PRIMARY focus of a post-incident review following a successful response to a cybersecurity incident?
A . Which control failures contributed to the incident
B . How incident response processes were executed
C . What attack vectors were utilized
D . When business operations were restored
Answer: D