CISM Certified Information Security Manager – Question1378 - CISM Certified Information Security Manager

A customer credit card database has been breached by hackers. The FIRST step in dealing with this attack should be to:

A. confirm the incident.
B. notify senior management.
C. start containment.
D. notify law enforcement.

Correct Answer: A

Explanation:

Explanation:
Asserting that the condition is a true security incident is the necessary first step in determining the correct response. The containment stage would follow. Notifying senior management and law enforcement could be part of the incident response process that takes place after confirming an incident.