CERTIFIED-IN-CYBERSECURITY · Question #484
CERTIFIED-IN-CYBERSECURITY Question #484: Real Exam Question with Answer & Explanation
The correct answer is B: Employee records. During an incident response, the focus is on identifying, containing, and remediating the security incident. Collecting employee data is unnecessary for this process and could lead to potential privacy violations (see the ISC2 Study Guide, Chapter 2, Module 1). For example, if an
Question
Which of the following types of data should NOT be collected during an incident response?
Options
- ALog files
- BEmployee records
- CSystem configurations
- DNetwork traffic
Explanation
During an incident response, the focus is on identifying, containing, and remediating the security incident. Collecting employee data is unnecessary for this process and could lead to potential privacy violations (see the ISC2 Study Guide, Chapter 2, Module 1). For example, if an organization's network has been breached, the incident response team would focus on collecting data such as log files, network traffic, and system configurations. This type of data can provide critical insight into the incident, such as when it occurred, how the breach occurred, and what systems were affected. On the other hand, employee records typically would not provide useful information for resolving the incident, and their collection could violate employee privacy rights. The other options are all important types of data to collect during an incident response. Log files can help establish a timeline of events, network traffic can reveal the attacker's activities, and system configurations can provide valuable context about the state of the systems at the time of the incident. Therefore, these types of data should be collected during an incident response.
Topics
Community Discussion
No community discussion yet for this question.