Data Breach — CompTIA CySA+ (CS0-003) Practice Questions
A data breach is an incident in which sensitive, protected, or confidential information is accessed, disclosed, or exfiltrated by an unauthorized party, whether through external attack, insider action, or accidental exposure. The CySA+ exam covers how analysts detect breaches using DLP alerts, SIEM correlations, and network traffic analysis, and how they contain and eradicate the threat while preserving evidence. Candidates must also understand breach notification requirements, which vary by jurisdiction and industry regulation, and the role of post-incident analysis in preventing recurrence.
Free questions on data breach
A security analyst needs to report a data breach affecting 50,000 customers to executives and regulatory bodies. Which information should be prioritized in the initial notification?
Free question · medium · full answer + explanation
More data breach questions in the full bank
- When responding to a confirmed data breach, what is the FIRST priority? Unlock answer & explanation →