Certified Incident Handler (CIH) Practice Ecam

How would you categorize an incident involving a disgruntled employee sharing sensitive access information to a competitor?

• A. Low level incident
• B. Medium level incident
• C. High level incident
• D. Critical incident

The correct answer is: High level incident

Categorizing the incident involving a disgruntled employee sharing sensitive access information to a competitor as a high-level incident is appropriate due to several factors. Firstly, the nature of the information being disclosed is crucial. Sensitive access information often pertains to proprietary data, trade secrets, or confidential operations, which can significantly impact the organization’s competitiveness and security posture. The exposure of such information can lead to direct financial loss, reputational damage, or legal ramifications if it includes violating contractual obligations or regulations. Secondly, the intent behind the act plays a significant role in the severity of the incident. In this case, the action is taken by a disgruntled employee with probable malicious intent to harm the organization. This not only highlights a potential internal security breach but also points to issues with employee management and security policies that may need to be addressed to prevent further incidents. Finally, the potential for widespread impact on the organization is another element contributing to its classification as a high-level incident. Depending on the scale of the sensitive information shared, competitors could exploit this to undermine the organization’s market position or launch attacks that further exploit vulnerabilities. Collectively, these elements underscore why this incident deserves a high-level designation, reflecting its potential consequences and the urgency required in response efforts to mitigate