CompTIA CySA+ (CS0-002) — Question 381

The incident response team is working with a third-party forensic specialist to investigate the root cause of a recent intrusion. An analyst was asked to submit sensitive network design details for review. The forensic specialist recommended electronic delivery for efficiency, but email was not an approved communication channel to send network details. Which of the following BEST explains the importance of using a secure method of communication during incident response?

Answer options

• A. To prevent adversaries from intercepting response and recovery details
• B. To ensure intellectual property remains on company servers
• C. To have a backup plan in case email access is disabled
• D. To ensure the management team has access to all the details that are being exchanged

Correct answer: A

Explanation

Using a secure communication method is crucial to prevent adversaries from intercepting sensitive information related to incident response and recovery efforts, which could compromise the entire investigation. The other options, while relevant to data security, do not address the immediate risk of interception during an active incident response.