Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following describes a key component in the incident handler's role during a malware incident?

  1. Ignoring evidence of intrusion

  2. Taking comprehensive notes throughout the incident

  3. Delaying incident response

  4. Failing to update stakeholders

The correct answer is: Taking comprehensive notes throughout the incident

Taking comprehensive notes throughout the incident is essential for several reasons. Firstly, thorough documentation aids in maintaining a clear and accurate record of the incident's progression, which can prove invaluable for post-incident analysis and reporting. This practice enables incident handlers to track timelines, actions taken, and decisions made which contributes to understanding the incident’s impact and learning from it. Moreover, detailed notes can be crucial during investigations to establish a timeline of events and actions. They allow for effective communication with other team members and stakeholders, ensuring everyone is informed about the situation. This documentation can also serve as evidence in any potential legal proceedings or compliance requirements that may arise from the incident. In contrast, other options inherently detract from an effective incident handling process. Ignoring evidence of intrusion would undermine the entire investigation, delaying incident response can exacerbate the damage caused by malware, and failing to update stakeholders can lead to misinformation and lack of coordination in response efforts. Each of these aspects demonstrates poor practices that could jeopardize the efficiency and effectiveness of incident management.

More Questions Like This