Security Incident Response (SIR) Practice Test

A data breach or malware infection is an example of a security incident because it represents a significant event that compromises the confidentiality, integrity, or availability of assets including information systems and data. Such incidents can lead to unauthorized access to sensitive information, can disrupt operations, and might cause reputational damage to the organization. Both data breaches and malware infections require immediate response actions to mitigate impacts, comply with regulatory requirements, and prevent future incidents.

In contrast, a data backup is a protective measure intended to safeguard data from loss rather than an incident itself. A system update, while critical for security, is also a maintenance activity that aims to improve or patch systems rather than signifying a compromise. Lastly, a routine audit is a systematic examination of a system or process, which focuses on compliance and security posture rather than indicating a security incident. These activities are part of normal operations and risk management, rather than events that signify a security failure or compromise.