Which statement about CERT's stance on incidents is true?


Multiple Choice

Which statement about CERT's stance on incidents is true?

Explanation:
Think of an incident as any event that violates or could violate computer security policy. CERT’s stance is that an incident doesn’t have to be a real adverse event; a near-miss or an attempted intrusion already counts because it involves a violation or imminent threat to policy. This means you can treat suspicious activity, misconfigurations that could lead to a breach, or failed login attempts as incidents worth handling even if no damage has occurred yet. CERT does define incidents and provides guidance on how to respond to them. Saying every event is an incident would be too broad, while requiring actual harm would miss important warning signs.

