Certified Incident Handler (CIH) Practice Exam


Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



Which of the following practices helps incident responders during recovery after an insider attack?

  1. Implement "immutable" and "unbreakable" backups

  2. Trust employees to report any unusual activity

  3. Ignore minor incidents to focus on major threats

  4. Rely on external audits only

The correct answer is: Implement "immutable" and "unbreakable" backups

Implementing "immutable" and "unbreakable" backups is a crucial practice that significantly supports incident responders during the recovery phase after an insider attack. These backups cannot be altered or deleted once they are created, which protects against malicious insider actions that aim to compromise or destroy vital data. Even in the face of an insider threat, responders can restore systems and data to a secure state from these unaffected backups.

This practice also instills confidence in the integrity of the backup systems, allowing for a quicker recovery time and minimizing operational disruptions. With immutable backups, if a data breach occurs, the organization maintains a secure snapshot of data that can be relied upon, which helps facilitate an effective recovery process and restores operations with minimal risk of data loss.

In contrast, relying solely on employee reports of unusual activity, ignoring minor incidents, or depending on external audits can expose the organization to greater risks, because these strategies do not provide the fundamental safeguard that robust and secure backup systems do. Minor incidents can serve as early warning signals of larger problems, and depending solely on external audits may overlook internal threats that could be detrimental to the organization's overall data security.