Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which indicator could signal a security incident in an organization?

  1. Decrease in employee productivity

  2. Increased server memory usage

  3. Regular software updates

  4. Improved network connectivity

The correct answer is: Increased server memory usage

Increased server memory usage can be a significant indicator of a security incident within an organization. This spike may suggest a variety of potential security threats, such as unauthorized access or a malicious software process consuming resources. For instance, malware operating on a server can lead to unusual memory usage patterns as it runs processes that exceed the normal operational baseline. Monitoring memory usage allows security teams to detect abnormal behaviors that could point to a compromise, making it an essential metric in identifying potential security incidents. In contrast, a decrease in employee productivity may reflect many organizational issues and is not necessarily indicative of a security threat. Regular software updates are aimed at improving security posture and do not signal incidents but rather are proactive measures against them. Improvements in network connectivity typically indicate that systems are functioning well, rather than suggesting the presence of a security incident.

More Questions Like This