Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following practices should an incident responder follow during recovery of an email security incident?

  1. Enquire with the bank if it is possible to revert the transaction

  2. Change all account passwords immediately

  3. Contact users to notify them of the breach

  4. Whitelist the affected email addresses

The correct answer is: Enquire with the bank if it is possible to revert the transaction

Enquiring with the bank about the possibility of reverting a transaction is a critical step during the recovery phase of an email security incident, particularly if financial fraud is suspected. This action can help in mitigating the damage caused by unauthorized transactions that may have taken place as a result of the email incident. Communication with financial institutions may lead to the recovery of stolen funds, or at the very least, help establish a timeline of events and secure the account against further unauthorized access. This measure emphasizes the importance of proactive engagement with external entities, such as banks, to trace and potentially reverse harmful actions taken as a result of the incident. It should be part of a broader recovery strategy that includes addressing technical aspects, user notifications, and future prevention.

More Questions Like This