• Post author:
  • Post category:Blog
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

You work in the SOC of a U.S. federal agency where a data breach has just occurred. Multiple entities might need to be alerted, based on federal incident notification guidelines. However, which external stakeholder must you notify if the confidentiality, integrity, or availability of the system has been compromised?

  • Federal Bureau of Investigation (FBI)
  • Central Intelligence Agency (CIA)
  • United States Computer Emergency Readiness Team (US-CERT)
  • local district attorney’s office
Explanation & Hint:

If the confidentiality, integrity, or availability of a U.S. federal agency’s system has been compromised, you must notify the United States Computer Emergency Readiness Team (US-CERT). US-CERT is the primary federal agency responsible for coordinating responses to cybersecurity incidents in the United States, including those affecting federal agencies. They can provide guidance and assistance in managing and responding to such incidents.

While law enforcement agencies like the FBI may be involved in certain cases, US-CERT is the designated authority for reporting and handling cybersecurity incidents affecting federal agencies. It’s essential to follow the federal incident notification guidelines, and US-CERT plays a central role in that process.

For more Questions and Answers:

Security Operations Center Post-Assessment | CBROPS

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments