Exam CS0-003 topic 1 question 401 discussion

A. Law enforcement involvement B. Compliance with regulatory requirements Here's why: A. Law enforcement involvement: In cases of cybercrime or incidents involving criminal activity, law enforcement may need to be involved. This is an external requirement that organizations must comply with when handling certain incidents, particularly those that involve breaches of sensitive data, fraud, or attacks that violate the law. B. Compliance with regulatory requirements: Organizations must often comply with various legal and regulatory requirements that mandate how incidents should be reported and managed. These requirements can include notifying regulatory bodies about data breaches, financial impacts, or specific compliance obligations depending on the industry (e.g., GDPR, HIPAA, or PCI-DSS). Failing to comply with these regulations can lead to significant fines and legal consequences.

Initially thought it was B and C. Here's ChatGPT 's (o1 model) answer: "From a CySA+ perspective, “external requirements” for incident‐management communication generally refer to mandates that come from outside the organization, such as government laws or imposed industry frameworks. In this context, the two best choices are: B. Compliance with regulatory requirements (e.g., HIPAA, GDPR, PCI DSS) F. Framework guidelines (e.g., NIST 800-series, ISO 27001, COBIT) These two options represent external rules and standards that are typically imposed (rather than chosen) by regulatory bodies or industry frameworks and must be followed when handling and communicating about security incidents."