Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which CIS security control is focused on securing and managing credentials for safe authorization?

  1. Data recovery

  2. Inventory and control of enterprise assets

  3. Account management

  4. Audit log management

The correct answer is: Account management

The focus of the chosen answer is on account management, which entails securing and effectively managing user credentials to ensure safe authorization practices within an organization. This control is critical because it governs the processes involved in creating, managing, and removing user accounts and their corresponding credentials. Proper account management helps to establish and maintain least privilege access, ensuring that users have only the access necessary for their roles, thus reducing the risk of unauthorized access and potential breaches.

In the context of CIS security controls, account management also encompasses the routine practices of monitoring and auditing accounts, implementing multi-factor authentication, and maintaining password policies, all of which contribute to a robust security posture. This control is foundational for protecting sensitive information and systems from both internal and external threats.

The other choices, while important for a comprehensive security strategy, do not specifically address the management of credentials. Data recovery focuses on preserving information integrity in case of loss, inventory and control of enterprise assets deals with managing physical and virtual assets, and audit log management involves monitoring system activities for potential anomalies. These areas support overall security, but they do not center on the specific processes involved in managing user credentials and ensuring authorized access.