When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:

Posted by: Pdfprep Category: CISM Tags: , ,

When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:
A . the information security steering committee.
B . customers who may be impacted.
C . data owners who may be impacted.
D . regulatory- agencies overseeing privacy.

Answer: C

Explanation:

The data owners should be notified first so they can take steps to determine the extent of the damage and coordinate a plan for corrective action with the computer incident response team. Other parties will be notified later as required by corporate policy and regulatory requirements.

Leave a Reply

Your email address will not be published.