CompTIA Security Plus Mock Test Q474

A computer security officer has investigated a possible data breach and has found it credible. The officer notifies the data center manager and the Chief Information Security Officer (CISO). This is an example of:

A. escalation and notification.
B. first responder.
C. incident identification.
D. incident mitigation.

Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Escalation and notification is a response strategy that outlines a staged procedure of escalation and notification that is to be followed in the event of a security incident. Only those in specific positions of authority or responsibility must receive notification of the security breach.

Incorrect Answers:
B: The first responder is the term used to describe the person who initiates the incident response.
C: Incident identification is the first step in responding to an incident.
D: Incident mitigation is the actual step of responding to the incident so as to reduce risk, prevent recurrence and start the recovery process.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 449
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 107-108