After a significant security incident has been resolved, how would you contribute to building a comprehensive incident report for management? What sections should the report include, and how should technical details be communicated to a non-technical audience?

Sample answer preview

Contributing to a comprehensive incident report is an important responsibility, even for L1 analysts. While a senior analyst or incident manager typically owns the final report, L1 analysts provide the foundational data that makes the report accurate and complete.