Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which practice does not help contain a web application security incident?

  1. Reviewing application logs

  2. Isolating affected systems

  3. Disable the black hole feature on the web application

  4. Applying patches and updates

The correct answer is: Disable the black hole feature on the web application

The correct answer is that disabling the black hole feature on the web application does not help contain a web application security incident. This is because the black hole feature typically refers to a method of redirecting malicious traffic to a "black hole" to prevent it from reaching the application. While this action might aim to protect the system under normal circumstances, during an active incident, simply disabling this feature can expose the application to additional attacks or further compromise. On the other hand, practices like reviewing application logs, isolating affected systems, and applying patches and updates are proactive measures for incident containment and remediation. Reviewing logs helps in identifying the nature and scope of the incident, while isolating affected systems minimizes further damage and prevents the threat from spreading. Applying patches and updates addresses vulnerabilities that may have been exploited during the incident, thereby strengthening the security posture of the web application after an incident has occurred.

More Questions Like This