An organization has verified that its customer information was recently exposed.
Which of the following is the FIRST step a security manager should take in this situation?
A . Inform senior management.
B . Determine the extent of the compromise.
C . Report the incident to the authorities.
D . Communicate with the affected customers.
Answer: B
Explanation:
Before reporting to senior management, affected customers or the authorities, the extent of the exposure needs to be assessed.