Certified Incident Handler (CIH) Practice Exam


Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



Which practice will not help incident responders contain IoT-based security incidents?

  1. Allow outbound requests or commands to establish connections with IoT devices

  2. Implement access controls on stressed devices

  3. Monitoring traffic for anomalies

  4. Segmenting the IoT network

The correct answer is: Allow outbound requests or commands to establish connections with IoT devices

Allowing outbound requests or commands to establish connections with IoT devices does not aid in containing security incidents. In fact, permitting such outbound connections can exacerbate the situation by providing potential pathways for attackers to exploit devices or extract sensitive data. When incident responders aim to contain an incident, the primary goal is to limit further damage and prevent attackers from communicating with compromised devices. By allowing unrestricted outbound connections, the risk of data exfiltration and additional compromises increases, thus undermining the containment efforts.

On the other hand, implementing access controls on stressed devices is a valuable practice for limiting access to only authorized users or systems, protecting the integrity of the IoT devices. Monitoring traffic for anomalies allows responders to identify suspicious activity and respond proactively to potential threats. Similarly, segmenting the IoT network can limit the spread of incidents, keeping compromised devices isolated from more critical areas of the network. These strategies are essential for proactively managing IoT security incidents and mitigating potential impacts, whereas allowing outbound connections can significantly weaken the incident response framework.