CERTIFIED-IN-CYBERSECURITY · Question #243
CERTIFIED-IN-CYBERSECURITY Question #243: Real Exam Question with Answer & Explanation
The correct answer is C: Conducting an unauthorized vulnerability scan. An incident is an unplanned event that could impact the confidentiality, integrity, or availability of information or information systems, and requires a response to mitigate or resolve the incident. Conducting an unauthorized vulnerability scan is considered a computer security
Question
Which of the following can be considered an example of a computer security incident?
Options
- ACompleting a full backup schedule
- BRecording system access in a log
- CConducting an unauthorized vulnerability scan
- DUpdating antivirus signatures
Explanation
An incident is an unplanned event that could impact the confidentiality, integrity, or availability of information or information systems, and requires a response to mitigate or resolve the incident. Conducting an unauthorized vulnerability scan is considered a computer security incident because it involves an unauthorized activity that could potentially identify weaknesses in a system or network that could later be exploited by a threat actor (see ISC2 Study Guide, Chapter 2, Module1). The remaining options are not examples of computer security incidents. A full backup schedule is a routine task that is performed to ensure that important data is backed up. Recording system access in a log is a security measure used to monitor user activity and detect suspicious behavior. Updating antivirus signatures is a routine task that is performed to ensure that the antivirus software is up to date and can detect the latest
Topics
Community Discussion
No community discussion yet for this question.