ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
While reviewing an AWS CloudTrail log shared in a team Slack channel, a security analyst notices that a teammate has hard-coded production access keys in a public Git repository. The company's information security policy states that any suspected security or policy violation must be escalated through the compliance hotline before any other action is taken. To remain consistent with the organization's code of ethics, what should the analyst do first?
A. Delete the repository to eliminate the risk, then inform the team after the fact.
B. Immediately notify the company's compliance hotline about the exposed keys and await further instructions.
C. Privately ask the teammate to remove the keys, then continue monitoring the repository for new commits.
D. Post a warning in the public Slack channel so everyone is aware of the mistake.
Most organizational codes of ethics require employees to act responsibly and protect the organization by reporting any suspected violations through the designated channels. Using or deleting the exposed keys before an authorized investigation could impede forensic analysis, and confronting the teammate directly risks retaliation or concealment. Discussing the issue informally in a public channel further exposes sensitive information and violates confidentiality. Therefore, immediately notifying the compliance hotline, as prescribed by policy, is the action that best aligns with the organization's ethical requirements.