Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following practices will not help incident responders in containing AWS security incidents?

  1. Regularly updating IAM policies

  2. Implement custom route table with interconnection routes within the VPC

  3. Isolating impacted resources in a separate VPC

  4. Conducting routine security audits

The correct answer is: Implement custom route table with interconnection routes within the VPC

The practice of implementing a custom route table with interconnection routes within the Virtual Private Cloud (VPC) does not directly help incident responders in containing security incidents. While custom route tables can optimize network traffic and control the flow between subnets, they primarily serve the purpose of routing management and network configuration rather than incident response and containment. In contrast, regularly updating Identity and Access Management (IAM) policies ensures that only authorized users have access to sensitive resources, which can prevent further compromises during an incident. Isolating impacted resources in a separate VPC is a crucial containment strategy that allows responders to limit the spread of an incident and manage the impacted resources more effectively. Conducting routine security audits helps organizations identify vulnerabilities and risks before they can be exploited, thereby enhancing their overall security posture and readiness for incident response. Therefore, while route tables are important for network management, they do not contribute to the incident containment efforts in the same way that the other practices do.

More Questions Like This