Exam SY0-701 topic 1 question 427 discussion

When a company discovers that proprietary data has been compromised and advertised for sale on the dark web, the next step is to notify the applicable parties of the breach. This typically includes: Internal stakeholders (e.g., management, legal, and compliance teams) to ensure they are aware of the situation. Affected individuals or entities (e.g., customers, partners, employees) who may be impacted by the data breach. Regulatory authorities (depending on the jurisdiction and nature of the breach, such as GDPR for EU residents, or similar data protection laws elsewhere) to ensure compliance with breach notification laws. Prompt notification helps mitigate the impact, provide guidance to affected parties, and ensure that any required legal or regulatory actions are taken

If the data is proprietary, by definition, it's owned by the company. It doesn't mention that there is customer information. And since it's listed on the dark web, the illegality is defined as well. I would think the answer would be B.

Data being exfiltrated and sold on the dark web is not legal. It might be required by regulations to notify the local authorities first.

Since proprietary data has already been leaked, the next critical step is to determine how the attacker gained access to prevent further breaches. This involves: - Reviewing logs to identify unauthorized access. - Analyzing network activity to find anomalies. - Checking for exploited vulnerabilities or compromised credentials. Without understanding the entry method, the company cannot effectively contain the breach or prevent similar incidents in the future. Why containment comes first: If the breach is still ongoing, attackers may still have access, making notifications premature. - Understanding the attack vector allows the company to stop further data exfiltration and ensure accurate reporting. Regulatory bodies and affected parties will likely ask: - How did the breach happen? - What data was accessed? - What remediation steps are in place? Without containment and investigation, the company may provide incomplete or incorrect information. Therefore Answer A: Identify the attackers's entry methods is the correct answer

The correct answer is: B. Report the breach to the local authorities. Explanation: Once a company discovers that its proprietary data has been advertised for sale on the dark web, it is crucial to involve law enforcement. Reporting the breach to the local authorities ensures that the incident is formally recorded and investigated. Authorities can assist in tracking down the perpetrators, determining the scope of the breach, and taking legal action. In many jurisdictions, reporting data breaches involving sensitive or proprietary data is not only best practice but may also be a legal requirement.

The first step after discovering a data breach is to notify the affected parties. This includes notifying customers, employees, and regulatory authorities, as required by applicable laws and regulations. The specific notification requirements will vary depending on the jurisdiction and the nature of the data that was breached.

The next step after discovering a breach is to comply with legal and regulatory obligations, which often include notifying affected or applicable parties. This could involve: Informing customers or business partners whose data was compromised. Meeting compliance requirements for breach notifications under laws like GDPR or CCPA. While reporting might be necessary depending on the jurisdiction, it usually follows notifying affected parties as per breach notification requirements.

Once a company discovers that proprietary data has been compromised and is being sold on the dark web, it is critical to report the breach to the authorities. This is important for several reasons: Legal requirements: Many regions have laws and regulations that mandate reporting data breaches to authorities, especially when sensitive or proprietary data is involved. Investigation: Law enforcement can assist in investigating the breach, tracking the attackers, and taking further legal action. Collaboration: Authorities may have additional resources or intelligence that can aid in understanding the scale of the breach and identifying the attackers.