Certified Incident Handler (ECIH v3) — Question 15

The insider risk matrix consists of technical literacy and business process knowledge vectors. Considering the matrix, one can conclude that:

Answer options

• A. If the insider's technical literacy is low and process knowledge is high, the risk posed by the threat will be insignificant.
• B. If the insider's technical literacy and process knowledge are high, the risk posed by the threat will be insignificant.
• C. If the insider's technical literacy is high and process knowledge is low, the risk posed by the threat will be high.
• D. If the insider's technical literacy and process knowledge are high, the risk posed by the threat will be high.

Correct answer: D

Explanation

Answer D is correct because a high level of both technical literacy and business process knowledge equips an insider with the skills to exploit vulnerabilities effectively, thereby increasing risk. Options A and B incorrectly suggest that high knowledge reduces risk, while option C misrepresents the relationship between low process knowledge and high technical literacy, which can also lead to risks but not as significant as in D.