ExpertMedium1 markMultiple Choice
CPA · Question 61 · Area II: Security
What is the difference between an 'Event' and an 'Incident' in cybersecurity?
What is the difference between an 'Event' and an 'Incident' in cybersecurity?
Answer options:
A.
An incident is any observable occurrence; an event is negative.
B.
An event is any observable occurrence; an incident is an event that negatively impacts the organization.
C.
Events are internal; Incidents are external.
D.
There is no difference.
How to approach this question
Event = Neutral. Incident = Bad.
Full Answer
B.An event is any observable occurrence; an incident is an event that negatively impacts the organization.✓ Correct
An event is any change in state (e.g., firewall log, user login). An incident is an event that violates policy or threatens security (e.g., malware infection).
Common mistakes
Using the terms interchangeably.
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy