Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which practice will not help incident responders recover resources after a Google Cloud security incident?

  1. Take snapshots for recreating the disks

  2. Recreate the environment from recent backups

  3. Never take snapshots for recreating the disks

  4. Use disaster recovery plans

The correct answer is: Never take snapshots for recreating the disks

The choice to avoid taking snapshots for recreating disks is significant in the context of incident response and resource recovery following a security incident in Google Cloud. Snapshots are critical for preserving the state of a virtual machine's disks at a specific point in time. They allow responders to restore data and configurations to a known good state, which is essential for recovering from incidents and minimizing downtime. By not utilizing snapshots, incident responders miss an opportunity to quickly revert back to a pre-incident state or recover lost data efficiently. Snapshots can serve as a cost-effective and timely solution for regeneration of affected resources without the need to rely solely on longer recovery methods, such as restoring from backups. Snapshots not only aid in resource recovery but also facilitate forensic analysis by allowing responders to access the system state at the moment before the incident. This can provide critical insights for understanding what occurred and how to prevent similar events in the future. In summary, avoiding snapshots impedes effective incident recovery processes, thereby hindering the overall incident response efforts in a cloud environment.

More Questions Like This