Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
Your organization, which utilizes Microsoft 365, has recently fallen victim to a sophisticated phishing attack leading to a significant data breach. The breach has potentially exposed sensitive customer data. As the Cybersecurity Architect, you are tasked with leading the response to this incident. Considering the need for rapid containment, thorough investigation, regulatory compliance, and future prevention, which of the following steps should you prioritize? (Choose the best single option)
Explanation:
The best approach to handling a data breach involves a balanced and phased response. Immediate isolation of affected systems is crucial to prevent further damage. Following containment, a thorough investigation helps understand the breach's scope and cause, which is essential for effective remediation and compliance with legal and regulatory requirements. Notifying stakeholders should be done based on the investigation's findings to ensure accurate and responsible communication. Finally, implementing preventive measures is key to enhancing the organization's security posture against future threats. This comprehensive approach ensures both immediate and long-term security and compliance.