CISSP · Question #345
A security analyst for a large financial institution is reviewing network traffic related to an incident. The analyst determines the traffic is irrelevant to the investigation but in the process of th
The correct answer is C. Follow organizational processes to alert the proper teams to address the issue.. Upon discovering a critical PCI-DSS violation involving clear text credit card data transfer, a security analyst must prioritize reporting this new security issue according to established organizational processes.
Question
Options
- ASend the log file co-workers for peer review
- BInclude the full network traffic logs in the incident report
- CFollow organizational processes to alert the proper teams to address the issue.
- DIgnore data as it is outside the scope of the investigation and the analyst's role.
How the community answered
(39 responses)- A10% (4)
- B21% (8)
- C64% (25)
- D5% (2)
Why each option
Upon discovering a critical PCI-DSS violation involving clear text credit card data transfer, a security analyst must prioritize reporting this new security issue according to established organizational processes.
Sending log files for peer review is an analytical step and does not constitute the immediate, actionable next step for reporting and addressing a critical security and compliance violation.
Including irrelevant network traffic logs in the original incident report is inappropriate and does not facilitate the proper handling and remediation of the newly discovered critical security vulnerability.
Upon discovering a critical security vulnerability and compliance violation, such as clear text credit card data, the analyst's immediate next step is to follow established organizational incident response and reporting procedures. This ensures the unauthorized data transfer is properly escalated to the appropriate teams (e.g., application owners, security operations, compliance) for thorough investigation and remediation, even if it was found during an unrelated security review. This adherence to protocol is critical for maintaining compliance and organizational security posture.
Ignoring a critical security and compliance violation, especially involving sensitive data like credit card information, is a negligent and unacceptable action for a security analyst.
Concept tested: Organizational security incident reporting and escalation procedures
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
Topics
Community Discussion
No community discussion yet for this question.