CompTIA CASP+ (CAS-003) — Question 272

During a recent incident, sensitive data was disclosed and subsequently destroyed through a properly secured, cloud-based storage platform. An incident response technician is working with management to develop an after action report that conveys critical metrics regarding the incident.
Which of the following would be MOST important to senior leadership to determine the impact of the breach?

Answer options

• A. The likely per-record cost of the breach to the organization
• B. The legal or regulatory exposure that exists due to the breach
• C. The amount of downtime required to restore the data
• D. The number of records compromised

Correct answer: B

Explanation

The most important factor for senior leadership is the legal or regulatory exposure that arises from the breach, as it can lead to significant penalties and affect the organization's reputation. While the per-record cost, downtime, and number of records compromised are important metrics, they do not carry the same weight in terms of long-term organizational impact as the potential legal consequences.