Exam CAS-004
Question 438

A Chief Information Security Officer (CISO) received a call from the Chief Executive Officer (CEO) about a data breach from the SOC lead around 9:00 a.m. At 10:00 a.m., the CEO informs the CISO that a breach of the firm is being reported on national news. Upon investigation, it is determined that a network administrator had reached out to a vendor prior to the breach for information on a security patch that failed to be installed. Which of the following should the CISO do to prevent this from happening again?

    Correct Answer: B

    To prevent a scenario where the CEO learns about a data breach from external sources rather than through internal communication channels, it is crucial to create an effective communication plan and socialize it with all employees. This ensures that everyone understands the protocol for reporting incidents up the chain of command promptly, allowing for coordinated responses and better management of public relations.

Discussion
armid

Prevent what from happening? If it's the mess around being on the news first rather than knowing internally, then B; if it's to try to prevent a breach like this, then D :/

isaphiltrick

Option: B

The issue is not about the breach itself but rather about how the CEO had to tell the CISO about the breach and not the other way around, which shows that they lack a communication plan. In most cases, these types of incidents should have gone up the chain from network admin to SOC lead to CISO and then to CEO. In that hour that passed (from 9 a.m. to 10 a.m.), they all could've come up with a game plan on how to spin the incident to the media.