Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which practice will not help incident responders contain Google Cloud security incidents?

  1. Start a fresh copy of the container

  2. Retain the compromised container

  3. Implement access control policies

  4. Monitor API usage continuously

The correct answer is: Retain the compromised container

Retaining a compromised container does not contribute to effectively containing Google Cloud security incidents. When an incident occurs, the primary focus is to prevent further damage and limit the potential impact on the environment. Keeping a compromised container could lead to further exploitation of vulnerabilities, data leakage, or persistence of malicious activities. In contrast, starting a fresh copy of the container can help restore services while eliminating the risk associated with the compromised state. Implementing access control policies strengthens security measures by ensuring only authorized users have access, thereby reducing attack vectors. Continuous monitoring of API usage allows for the detection of unusual or unauthorized activities in real time, facilitating quicker incident response and containment. Each of these practices aligns with incident containment strategies, whereas retaining a compromised container poses additional risks.

More Questions Like This