1. An organization needs access to backups of its data and applications in order to recover from a ransomware attack that encrypts its directory and critical information.
True
False
2. It is always best to tell the public everything a company knows about a cyber incident, including the technical details and potential perpetrators, irregardeless of the legal consequences.
True
False
3. During a post-incident review, an organization should identify areas in their incident response plan that require improvement and reconsideration in order to optimize response for future incidents.
True
False