CertNexus Certified Cyber Secure Coder (CSC) — Question 32

A government organization responsible for critical infrastructure is being attacked and files on the server been deleted. Which of the following are the most immediate communications that should be made regarding the incident? (Choose two.)

Answer options

• A. Notifying law enforcement
• B. Notifying the media
• C. Notifying a national compute emergency response team (CERT) or cybersecurity incident response team (CSIRT)
• D. Notifying the relevant vendor
• E. Notifying a mitigation expert

Correct answer: C, E

Explanation

The most immediate actions involve notifying a national CERT or CSIRT and a mitigation expert, as they can provide specialized support for incident response and recovery. Notifying law enforcement and the media, while important, are not as critical in the immediate response phase, and contacting a vendor may not be necessary until after the incident is contained.