Home › BCA Cyber Security › cybersecurity › Cybersecurity Fundamentals › A SECURITY INCIDENT is BEST defined as
A SECURITY INCIDENT is BEST defined as
Aany login to the system
Ba normal backup operation
Ca planned maintenance window
Devent harming CIA of information
Answer & Solution
Correct answer: D. event harming CIA of information
1. SECURITY INCIDENT (per NIST SP 800-61): an event that ACTUALLY OR POTENTIALLY violates security policies and harms the CIA triad.
2. Examples: data breach, malware infection, DDoS attack, ransomware, insider data theft.
3. INCIDENT RESPONSE LIFECYCLE: Preparation → Detection & Analysis → Containment, Eradication, Recovery → Post-Incident Activity.
4. Differentiation: an EVENT is any observable occurrence; an INCIDENT is an event causing or threatening harm.
5. Other options describe normal operations, not incidents.
_Source: NIST CSF + SP 800-61 referenced (Computer Security Incident Handling Guide)._
Related questions
A HASH FUNCTION (e.g. SHA-256) used for password storage should beWhich of the following is a TYPE of MALWARE that encrypts files and demands payment for thDEFENSE IN DEPTH is a strategy thatWhich authentication method requires the user to present at least TWO different categoriesPRINCIPLE OF LEAST PRIVILEGE states thatRisk is commonly expressed as a function ofWithin the RESPOND function, ANALYSIS of detected incidents and COMMUNICATIONS with stakehWhich NIST CSF function ensures that PLANS to RESTORE capabilities or services are execute