Answer-first summary for fast verification
Answer: First, isolate the affected systems to prevent further damage, then conduct a thorough investigation to understand the breach's scope and cause, followed by notifying relevant stakeholders as required, and finally, implement measures to prevent future breaches.
The best approach to handling a data breach involves a balanced and phased response. Immediate isolation of affected systems is crucial to prevent further damage. Following containment, a thorough investigation helps understand the breach's scope and cause, which is essential for effective remediation and compliance with legal and regulatory requirements. Notifying stakeholders should be done based on the investigation's findings to ensure accurate and responsible communication. Finally, implementing preventive measures is key to enhancing the organization's security posture against future threats. This comprehensive approach ensures both immediate and long-term security and compliance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization, which utilizes Microsoft 365, has recently fallen victim to a sophisticated phishing attack leading to a significant data breach. The breach has potentially exposed sensitive customer data. As the Cybersecurity Architect, you are tasked with leading the response to this incident. Considering the need for rapid containment, thorough investigation, regulatory compliance, and future prevention, which of the following steps should you prioritize? (Choose the best single option)
A
Immediately isolate the affected systems and restrict access to minimize further damage, without conducting any preliminary analysis to avoid delays.
B
Focus solely on identifying the cause and extent of the breach, delaying any containment measures to ensure the investigation is not hindered.
C
Notify all stakeholders, including management, legal, and regulatory authorities, before understanding the full scope of the breach to ensure transparency.
D
First, isolate the affected systems to prevent further damage, then conduct a thorough investigation to understand the breach's scope and cause, followed by notifying relevant stakeholders as required, and finally, implement measures to prevent future breaches.
E
All of the above.