What is the first step the analyst should take to address this incident?

350-201 0 Comments

A patient views information that is not theirs when they sign in to the hospital’s online portal. The patient calls the support center at the hospital but continues to be put on hold because other patients are experiencing the same issue. An incident has been declared, and an engineer is now on the incident bridge as the CyberOps Tier 3 Analyst. There is a concern about the disclosure of PII occurring in real-time.

What is the first step the analyst should take to address this incident?
A . Evaluate visibility tools to determine if external access resulted in tampering
B . Contact the third-party handling provider to respond to the incident as critical
C . Turn off all access to the patient portal to secure patient records
D . Review system and application logs to identify errors in the portal code

Answer: C

Latest 350-201 Dumps Valid Version with 139 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 350-201 PDF     350-201 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments