Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following signs is not an indicator of a security incident on Azure Resource Manager?

  1. Unusual activity from unrecognized accounts

  2. Azure resource manager operations originating from legitimate IP addresses

  3. Unscheduled changes to resources

  4. Excessive resource consumption

The correct answer is: Azure resource manager operations originating from legitimate IP addresses

The identification of signs indicating a security incident is critical for effective incident management. In this context, operations originating from legitimate IP addresses do not inherently signal a security issue. Legitimate IP addresses are typically associated with known users or applications that have authorized access to the Azure environment, meaning that their activity is expected and normal. Consequently, observing operations from these recognized and valid sources should not raise immediate alarm, as they are not disruptive or suspicious in nature. In contrast, unusual activity from unrecognized accounts, unscheduled changes to resources, and excessive resource consumption are all signs that could suggest potential security threats such as unauthorized access, configuration drift, or misuse of resources, warranting further investigation and response.

More Questions Like This