ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 159 discussion

Actual exam question from CompTIA's CS0-002
Question #: 159
Topic #: 1
[All CS0-002 Questions]

During an incident, it is determined that a customer database containing email addresses, first names, and last names was exfiltrated. Which of the following should the security analyst do NEXT?

  • A. Consult with the legal department for regulatory impact.
  • B. Encrypt the database with available tools.
  • C. Email the customers to inform them of the breach.
  • D. Follow the incident communications process.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by adamhoms at Sept. 21, 2022, 12:57 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pavel019846457
1 year, 8 months ago
Selected Answer: D
Incident communication process should include legal department as well.
upvoted 1 times
...
cyberrae
2 years, 2 months ago
Selected Answer: A
Now I understand the answering being A - the question is saying this incident is occurring so the security should consult with legal next. If the incident just occurred or been discovered, then the next steps should be to follow the incident communications plan
upvoted 2 times
...
gwanedm
2 years, 7 months ago
Selected Answer: B
I see this as B. remember the incident response procedures. They've determined an incident has taken place (Detection and Analysis). The next phase is containment which is limit the scope and magnitude of the incident
upvoted 1 times
...
jchutch2
2 years, 9 months ago
Selected Answer: D
D positively Per CompTIA's study guide, including legal representatives should be part of the communications plan.
upvoted 4 times
2Fish
2 years, 3 months ago
Agree. Communications process should include legal.
upvoted 1 times
...
...
Adrian831
2 years, 9 months ago
Selected Answer: D
Definitely D
upvoted 1 times
...
amateurguy
2 years, 9 months ago
Selected Answer: D
I think D is the best choice, wouldn't the incident communications process include contacting the legal department?
upvoted 2 times
Treymb6
2 years, 9 months ago
I feel like the legal department is the safest bet. It is going to be a little different for each state. Consulting legal department is all around safest option.
upvoted 1 times
...
...
Cizzla7049
2 years, 9 months ago
Selected Answer: D
D. Communication with law enforcement and then affected customers
upvoted 1 times
...
adamhoms
2 years, 9 months ago
lawyers should be consulted if an incident involves sensitive data (personally identifiable information, protected health information, payment card data, etc.) or could otherwise subject the company to liability. Accordingly, an effective incident response plan addresses the nuts and bolts of handling ordinary incidents, but also has well-defined triggers of when Legal should be called and how the legal team will interact with the rest of the response unit. That way, it is much less likely that someone says, “hey, maybe we should call Legal” too late in the process.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel