Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which type of network-based attack is considered an inappropriate usage incident?

Denial of service
Insider threat
Man-in-the-middle attack
Distributed denial of service

The correct answer is: Insider threat

An inappropriate usage incident typically refers to situations where users engage in unauthorized or unethical behavior concerning their organization's resources, often due to misuse of access privileges or insider knowledge. Insider threats are classified as a form of inappropriate usage because they involve individuals, such as employees or contractors, who exploit their legitimate access to data and systems for malicious purposes or personal gain. This behavior can manifest in various forms, including data theft, sabotage, or unauthorized access to sensitive information. The key element here is the misuse of access by an insider, distinguishing it from other attack types that may involve external threats or are less about misuse of roles within the organization. In contrast, denial of service and distributed denial of service attacks typically originate from external threats aiming to overwhelm systems. Man-in-the-middle attacks also involve third parties intercepting communications, rather than internal misuse of authority or access. Therefore, the classification of an insider threat as an inappropriate usage incident is accurate, as it emphasizes the violation of acceptable use policies by someone who has been granted access.