Practice free →
HomeBCA Cyber SecuritycybersecurityCybersecurity Fundamentals › A SECURITY INCIDENT is BEST defined as

A SECURITY INCIDENT is BEST defined as

Aany login to the system
Ba normal backup operation
Ca planned maintenance window
Devent harming CIA of information
Answer & Solution
Correct answer: D. event harming CIA of information
1. SECURITY INCIDENT (per NIST SP 800-61): an event that ACTUALLY OR POTENTIALLY violates security policies and harms the CIA triad. 2. Examples: data breach, malware infection, DDoS attack, ransomware, insider data theft. 3. INCIDENT RESPONSE LIFECYCLE: Preparation → Detection & Analysis → Containment, Eradication, Recovery → Post-Incident Activity. 4. Differentiation: an EVENT is any observable occurrence; an INCIDENT is an event causing or threatening harm. 5. Other options describe normal operations, not incidents. _Source: NIST CSF + SP 800-61 referenced (Computer Security Incident Handling Guide)._
Solve this in the app — BCA Cyber Security practice & 24k+ MCQs →
Related questions