When a significant security breach occurs, what should be reported FIRST to senior
management?
A.
A summary of the security logs that illustrates the sequence of events
B.
An explanation of the incident and corrective action taken
C.
An analysis of the impact of similar attacks at other organizations
D.
A business case for implementing stronger logical access controls
Explanation:
When reporting an incident to senior management, the initial information to be communicated
should include an explanation of what happened and how the breach was resolved. A summary of
security logs would be too technical to report to senior management. An analysis of the impact of
similar attacks and a business case for improving controls would be desirable; however, thesewould be communicated later in the process.