A security operations team recently detected a breach of credentials. The team mitigated the risk and followed proper processes to reduce risk. Which of the following processes would BEST help prevent this issue from happening again?
A. Risk assessment
B. Chain of custody
C. Lessons learned
D. Penetration test