9d • 🙋♂️ CISSP
CISSP Practice Question (Domain 7: Security Operations / Incident Response & Legal Coordination)
During an active breach investigation, the incident response team discovers indicators suggesting a third party service provider may be the initial intrusion vector. Legal warns that premature notification could expose the company to liability, while operations wants immediate coordination to contain spread.
What is the MOST appropriate action to take NEXT?
A. Notify the service provider immediately with full technical findings
B. Isolate affected integrations and preserve evidence before notification
C. Escalate directly to law enforcement to avoid vendor disputes
D. Delay all action until legal approves external communication
Come back for the answer tomorrow, or study more now!
2
23 comments
CISSP Practice Question (Domain 7: Security Operations / Incident Response & Legal Coordination)
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+66
2
+56
3
+41
4
+40
5
+22
Powered by