The IT Security Analyst for a small organization is working on a customer’s system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?
A . Contact the local authorities so an investigation can be started as quickly as possible.
B . Shut down the production network interfaces on the server and change all of the DBMS account passwords.
C . Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.
D . Refer the issue to management for handling according to the incident response process.
Answer: D
Leave a Reply