Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


What threat modeling step was Ruby executing when assessing compliance and quality-of-service requirements?

  1. Identify vulnerabilities

  2. Identify threats

  3. Identify security objectives

  4. Decompose the application

The correct answer is: Identify security objectives

When assessing compliance and quality-of-service requirements, the step Ruby was executing involves identifying security objectives. This step is crucial because it helps define the security goals that an organization aims to achieve, taking into account regulatory requirements and service expectations. By establishing these objectives, Ruby would be creating a clear framework for what needs to be protected and the standards that must be met, thus directly addressing compliance and quality-of-service.

During this process, Ruby would consider various factors, such as legal and regulatory obligations as well as the organization's risk appetite. This enables the development of a strategic approach to safeguard the application and its data, ensuring that it operates efficiently while adhering to necessary standards.

Ultimately, identifying security objectives lays the foundational groundwork for further steps in the threat modeling process, such as identifying threats or vulnerabilities, but it distinctly prioritizes compliance and service quality from the outset.