CompTIA CySA+ (CS0-002) — Question 130

An incident response team is responding to a breach of multiple systems that contain PII and PHI. Disclosure of the incident to external entities should be based on:

Answer options

• A. the responder's discretion.
• B. the public relations policy.
• C. the communication plan.
• D. the senior management team's guidance.

Correct answer: C

Explanation

The correct answer is C, as a communication plan outlines the protocols for informing external parties about incidents. Options A and B are less formal and do not ensure a consistent approach, while D relies on senior management's guidance, which may not be specifically tailored to incident communication.