Certified Incident Handler (ECIH v3) — Question 38

Incident management team provides support to all users in the organization that are affected by the threat or attack. The organization's internal auditor is part of the incident response team. Identify one of the responsibilities of the internal auditor as part of the incident response team:

Answer options

• A. Configure information security controls
• B. Perform necessary action to block the network traffic from suspected intruder
• C. Identify and report security loopholes to the management for necessary actions
• D. Coordinate incident containment activities with the information security officer

Correct answer: C

Explanation

The correct answer is C because the internal auditor's role includes identifying vulnerabilities and reporting them to management for action. Options A and B pertain to technical tasks that fall outside the auditor's responsibilities, while D involves coordination rather than identification of security issues.