Weekly CISSP Exam Questions
Question: After a data breach, what's the FIRST step to undertake?
A. Inform the media
B. Conduct root cause analysis
C. Contain the incident
D. Inform affected clients
Correct Answer: C
Explanation:
Inform the media: While it's essential to inform the media and the public, doing so should come after the incident has been contained and properly assessed. Sharing premature or inaccurate information could lead to confusion and further issues.
Conduct root cause analysis: Understanding the root cause of the breach is vital for preventing future incidents, but this often takes time and should come after immediate containment measures have been put in place.
Contain the incident: Containment is generally the first step after identifying a breach. It involves taking immediate action to stop unauthorized activity, such as isolating affected systems from the network, revoking access credentials, or shutting down certain services. This is critical to limit the damage and scope of the breach.
Inform affected clients: Notifying affected parties is a legal and ethical requirement, but it generally comes after containment and assessment. You'll need to know the scope and impact of the breach to inform affected parties accurately.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
