Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which of the following practices will not help incident responders contain cloud security incidents?

  1. Allow communication with the external network until the incident is detected and resolved

  2. Isolate affected systems

  3. Restrict access to critical data

  4. Implement firewall rules specific to the incident

The correct answer is: Allow communication with the external network until the incident is detected and resolved

The practice of allowing communication with the external network until the incident is detected and resolved does not aid incident responders in containing cloud security incidents. Maintaining open communication channels during a security incident can exacerbate the situation by enabling further unauthorized access, data exfiltration, or lateral movement within the network. For effective containment, it is essential to restrict outbound communications to prevent the threat from propagating or causing additional damage while the incident is being addressed.

In contrast, isolating affected systems, restricting access to critical data, and implementing specific firewall rules help to effectively quarantine the impacted areas of the network, limit the potential for further exploitation, and minimize damage from the incident. These practices are fundamental to a robust incident response strategy, ensuring that the situation remains contained while analysis and remediation efforts are underway.