🔥 3-day streak
CompTIA CySA+ (CS0-003)27 / 147
Question 27 of 147

A mid-sized manufacturer suffers a confirmed ransomware incident affecting several production servers. The incident response manager is coordinating notifications. The company holds a cyber insurance policy that requires prompt reporting of covered events and pre-approval before engaging outside vendors or making ransom-related decisions. Which action should the IR manager prioritize to protect the organization's ability to recover costs under the policy?

Reviewed for accuracy · Report an issueNext question