Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which of the following signs is an indicator of a Google Cloud security incident?

  1. Modification of privileged Google group accessibility to make it available to the public

  2. Routine access by authorized users

  3. Creation of new IAM roles

  4. Regular permission audits

The correct answer is: Modification of privileged Google group accessibility to make it available to the public

The modification of privileged Google group accessibility to make it available to the public is a clear indicator of a potential security incident. Such a change can compromise the security of sensitive information and resources by allowing unauthorized individuals or entities access to areas that should be protected. It suggests a deliberate alteration of security settings that could lead to data breaches or exposure of critical assets, making it a significant red flag for security teams. In contrast, routine access by authorized users, the creation of new IAM roles, and regular permission audits represent normal operational activities within a secure environment. Authorized users accessing the system as per their permissions indicates proper functioning rather than an incident. Similarly, creating new IAM roles is a legitimate practice to ensure that appropriate access is given based on roles needed for specific tasks, and conducting regular permission audits is a proactive measure to ensure that access rights remain appropriate and secure. These actions are typically part of best practices for maintaining security rather than indicators of a security breach.

More Questions Like This