Certified Incident Handler (ECIH v3) — Question 8
An organization faced an information security incident where a disgruntled employee passed sensitive access control information to a competitor. The organization's incident response manager, upon investigation, found that the incident must be handled within a few hours on the same day to maintain business continuity and market competitiveness. How would you categorize such information security incident?
Answer options
- A. High level incident
- B. Middle level incident
- C. Ultra-High level incident
- D. Low level incident
Correct answer: B
Explanation
The incident is categorized as a Middle level incident because it requires prompt attention to safeguard business operations without reaching the extreme severity of an Ultra-High level incident. A High level incident would suggest a more critical threat, while a Low level incident does not warrant the urgency needed in this situation.