A cyber security analyst noticed a spike in activities from the guest wireless network to several electronic health record (EHR) systems. After further analysis, the analyst discovered that a large volume of data has been uploaded to a cloud provider in the last six months. Which of the following actions should the analyst do FIRST?
A. Contact the Office of Civil Rights (OCR) to report the breach
B. Put an ACL on the gateway router
C. Notify the Chief Privacy Officer (CPO)
D. Activate the incident response plan
---------------------------------------------------------------------------------------
Which of the following accurately describes what this log displays?
A. A vulnerability in jQuery
B. Application integration with an externally hosted database
C. A vulnerability scan performed from the Internet
D. A vulnerability in Javascript
Please, expert answers only. Explain your answers in detail for a thumbs up.
Answer)
1. The analyst here has discovered that a significant amount of data has been uploaded to the cloud provider, thus the following is the valid action which should be taken:
B. Put an ACL on the gateway router
The analyst here firstly needs to block the continued possible exfiltration of data using the ACL before even proceeding with the incident response. Thus here the first purpose would be to stop the uploading of data.
2. The following is the valid information which the log displays:
C. A vulnerability scan performed from the Internet
This is the access log which is using the script running the vulnerability scan being performed from the Internet on the hosts to find possible vulnerabilities.
**Please Hit Like if you appreciate my answer. For further doubts on the or answer please drop a comment, I'll be happy to help. Thanks for posting.**