A security analyst discovers that a business unit is storing sensitive data on a file share without classification labels. What is the first step to remediate?
The data owner is responsible for classification, which should precede further actions.
Why this answer
The data owner must classify the data first. Other actions are premature before classification. Encrypting or moving might be appropriate after classification.
Deleting without authorization could destroy needed data.