Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 103

A security engineer discovers that a spreadsheet containing confidential information for nine of their employees was fraudulently posted on a competitor's website.
The spreadsheet contains names, salaries, and social security numbers. What is the next step the engineer should take in this investigation?

Answer options

• A. Determine if there is internal knowledge of this incident.
• B. Check incoming and outgoing communications to identify spoofed emails.
• C. Disconnect the network from Internet access to stop the phishing threats and regain control.
• D. Engage the legal department to explore action against the competitor that posted the spreadsheet.

Correct answer: D

Explanation

The correct answer is D because involving the legal department is essential for exploring potential legal actions against the competitor who posted the sensitive information. Options A, B, and C do not directly address the immediate need for legal recourse, as they focus on internal awareness, communication checks, and network isolation, which are not the priority in this situation.