In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more.
In the second milestone, you will access the administrative, physical, and technical controls of the particular company then determine which one of these administrative, physical, and technical controls were not secure and led to the security incident.