Your organization, which utilizes Microsoft 365, has recently fallen victim to a sophisticated phishing attack leading to a significant data breach. The breach has potentially exposed sensitive customer data. As the Cybersecurity Architect, you are tasked with leading the response to this incident. Considering the need for rapid containment, thorough investigation, regulatory compliance, and future prevention, which of the following steps should you prioritize? (Choose the best single option)

Simulated

Immediately isolate the affected systems and restrict access to minimize further damage, without conducting any preliminary analysis to avoid delays.

0.0%

Focus solely on identifying the cause and extent of the breach, delaying any containment measures to ensure the investigation is not hindered.

0.0%

Notify all stakeholders, including management, legal, and regulatory authorities, before understanding the full scope of the breach to ensure transparency.

0.0%

First, isolate the affected systems to prevent further damage, then conduct a thorough investigation to understand the breach's scope and cause, followed by notifying relevant stakeholders as required, and finally, implement measures to prevent future breaches.

50.0%

All of the above.

50.0%

Microsoft Cybersecurity Architect Expert SC-100

Comments

Get started today