Scenario: Your corporate systems have been under constant probing and attack from foreign IP addresses for more than a week. Your security team and security infrastructure have performed well under the stress. You are confident that your defenses have held up under the test, but rumors are spreading that sensitive customer data has been stolen and is now being sold on the Internet by criminal elements.
During your investigation of the rumored compromise you discover that data has been breached and you have discovered the repository of stolen data on a server located in a foreign country. Your team now has full access to the data on the foreign server.
What action should you take FIRST?
A . Consult with other C-Level executives to develop an action plan
B . Contract with a credit reporting company for paid monitoring services for affected customers
C . Contact your local law enforcement agency
D . Destroy the repository of stolen data
Answer: A
Leave a Reply