Question

Consider this scenario: A major government agency experiences a data breach. As a result, more than 100,000 personal records are now subject to authorized access. Despite the fact the CISO announced that there were a few prior warning signs that the system was at risk, no actions were taken to locate the system vulnerability. Because government agencies must comply with NIST standards, it is evident that the breach occurred as a result of insufficient management or governance. True False

Answer 1

Answer is TRUE.

Refer below.

Step-by-step explanation:

Because government agencies must comply with NIST standards, it is evident that the breach occurred as a result of insufficient management or governance is TRUE.

Answer 2

True

Step-by-step explanation:

When any government agency experiences a data breach subjecting personal records to authorized access, no actions would be taken to locate the system vulnerability even if it was announced by the chief information security officer (CISO) because government agencies must comply with the National Institute of Standards and Technology (NIST) standards.