Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is not a good practice when containing a malware incident?

  1. Analyze affected devices

  2. Connect devices to the infected network to download updates

  3. Isolate infected systems from the network

  4. Use segregation for testing environments

The correct answer is: Connect devices to the infected network to download updates

Connecting devices to the infected network to download updates is not a good practice when containing a malware incident. This approach poses a significant risk, as it can lead to further propagation of the malware. If infected systems are connected back to the same network, there is a chance that they could communicate with other devices, allowing the malware to spread and compromise additional systems. Isolating infected systems from the network and analyzing affected devices are critical steps in containing the malware and preventing further damage. Using segregation for testing environments also helps ensure that any potential threats are contained and do not affect operational systems. Thus, maintaining a secure and controlled approach when dealing with malware incidents is essential for effective incident response.

More Questions Like This