GIAC Certified Incident Handler (GCIH) — Question 139

What is the definition of an event as it applies to incident handling?

Answer options

• A. Any observable occurrence in a system and/or network
• B. The introduction of malicious code into your network
• C. Something that triggers an alert from your Intrusion Detection System
• D. An adverse occurrence in an information system and/or network or the threat of such an occurrence

Correct answer: A

Explanation

The correct answer, A, defines an event as any observable occurrence, which is foundational for incident handling. Options B and C describe specific types of incidents or alerts rather than the broader definition of an event. Option D also narrows the definition to adverse occurrences, which does not encompass all observable events.