Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What practice will not assist during the recovery from insider threats?

  1. Implement immutable backups

  2. Keep backups easily alterable

  3. Regularly test the backup restoration process

  4. Establish off-site backup storage

The correct answer is: Keep backups easily alterable

In the context of recovering from insider threats, it's vital to have robust and secure backup practices. Keeping backups easily alterable inherently poses a significant risk, as it allows for the possibility that malicious insiders could manipulate or destroy backup data. This would hinder recovery efforts and might even exacerbate the damage caused by the insider threat. Immutable backups are an essential practice because they cannot be changed or deleted once created, providing a secure point from which to restore data. Regularly testing the backup restoration process is also critical to ensure that backups are functioning correctly and can be relied upon in case of an incident. Moreover, establishing off-site backup storage protects data from local attacks, ensuring that backups remain secure even if the primary location is compromised. Therefore, the practice of keeping backups easily alterable does not contribute to effective recovery from insider threats and can significantly undermine an organization's resilience against such risks.

More Questions Like This