Certified Incident Handler (CIH) Practice Ecam

In the insider risk matrix, what indicates a high risk posed by an insider?

• A. Low technical literacy and process knowledge
• B. High technical literacy and low process knowledge
• C. High technical literacy and high process knowledge
• D. Low technical literacy and high process knowledge

The correct answer is: High technical literacy and high process knowledge

The indication of a high risk posed by an insider primarily relates to the combination of high technical literacy and high process knowledge. When an individual possesses both of these traits, they have the capability to understand intricate systems and processes, as well as the skills to manipulate those systems effectively. Such individuals can exploit their knowledge in ways that could lead to data breaches, system manipulations, or other malicious activities. High technical literacy means that the insider can navigate complex technical environments, potentially allowing them to bypass security measures and access sensitive information. Concurrently, having high process knowledge means they are aware of how various processes within the organization function, including any potential weaknesses or points of leverage that could be exploited. Together, these factors significantly heighten the risk that the insider could engage in harmful activities, whether for personal gain or out of malice towards the organization. In contrast, combinations showing low technical literacy or low process knowledge indicate a lesser ability to commit such acts since the insider may lack the necessary skills or understanding required to exploit the organization's systems effectively.