Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What action should an incident handler avoid while eradicating malware?

  1. Enable autorun for removable media

  2. Use antivirus scanning tools

  3. Update security patches

  4. Disconnect infected systems

The correct answer is: Enable autorun for removable media

Enabling autorun for removable media should be avoided during the eradication of malware because it allows malicious software to automatically execute when a removable device is connected to the system. This action can lead to the reintroduction or further spread of malware, compromising the efforts to eliminate it and potentially infecting other systems. It's critical for incident handlers to take precautions that limit any automated actions that could inadvertently propagate malware, making it essential to disable such features during cleanup and recovery processes. In contrast, utilizing antivirus scanning tools, updating security patches, and disconnecting infected systems are all best practices in handling malware incidents. These actions help to protect systems, reduce vulnerabilities, and contain the spread of malware, thereby contributing to a more effective response to the incident.

More Questions Like This