CompTIA Security+ SY0-701 Practice Question
Upon discovering a data breach involving unauthorized access to the customer records system, what is the PRIMARY action the security team should focus on according to standard security protocols?
Start documenting the details of the breach and response actions taken.
Prioritize the review of security logs to trace the origin of the attack.
Immediately isolate affected systems to stop the spread of the breach.
Notify the company's legal team and prepare for public disclosure.