Certified Incident Handler (ECIH v3) — Question 67

Insider threats can be detected by observing concerning behaviors exhibited by insiders, such as conflicts with supervisors and coworkers, decline in performance, tardiness or unexplained absenteeism. Select the technique that helps in detecting insider threats:

Answer options

• A. Correlating known patterns of suspicious and malicious behavior
• B. Protecting computer systems by implementing proper controls
• C. Making is compulsory for employees to sign a none disclosure agreement
• D. Categorizing information according to its sensitivity and access rights

Correct answer: A

Explanation

The correct answer is A, as correlating known patterns of suspicious and malicious behavior is essential for detecting insider threats. Options B, C, and D focus on preventative measures and do not directly address the identification of insider threats through behavior analysis.