Examice

Exam 712-50 All QuestionsBrowse all questions from this exam

Question 105

Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements.

During your investigation of the rumored compromise, you discover that data has been breached and that the repository of stolen data is on a server located in a foreign country. Your team now has full access to the data on the foreign server.

What action should you take FIRST?

Consult with other executives to develop an action plan

Contract with a credit reporting company for paid monitoring services for affected customers

Contact your local law enforcement agency

Destroy the repository of stolen data

Correct Answer: C

The correct action to take first in this scenario is to contact your local law enforcement agency. When dealing with a data breach, especially one that involves criminal activity and international elements, it is crucial to involve law enforcement early. They can provide immediate assistance in navigating the legal complexities, help in coordinating efforts to secure the data, and ensure compliance with legal requirements. Local law enforcement can also liaise with international authorities if necessary, making it the most appropriate initial step.

Discussion

arifbhatkarOption: A

While involving law enforcement (Option C) is important, it is typically advisable to consult with other executives and develop an action plan before contacting them. This ensures that the organization has a clear understanding of the situation and can provide relevant information to law enforcement, enabling a more focused and productive engagement with the authorities.

Pika26Option: C

Answer is C.

johndoe69Option: B

The data is on a server located in a foreign country. Your local law enforcement has no power in a foreign country, for example if the server is located in Russia, Iran, North Korea or China. Contacting law enforcement in that foreign country will be of no use either. Have a plan of action on how to deal with that data on the server you now have access to is more important.

nshamsOption: C

local law is important for any dependent actions

Ath3na89Option: C

Priority of contacting local law enforcement (Option C) typically takes precedence in cases where criminal activity is involved, especially when dealing with international elements. Law enforcement can provide immediate assistance in navigating the legal complexities of dealing with a data breach that spans jurisdictions, and their involvement is critical for legal compliance and potentially for coordinating efforts to secure the data and mitigate further risks.