[&] Which of the following best defines an 'incident' in the context of cybersecurity?
- An event indicating a potential security breach or policy violation -- Correct
- Any network traffic logged by a firewall
- A regular system event without any negative impact
- A once-off occurrence with no further consequences

[&] How is an 'event' different from an 'incident'?
- An event is a regular occurrence, while an incident indicates a security threat -- Correct
- An incident is routine, while an event is critical
- An event is always malicious, while an incident is benign
- An event requires immediate action, unlike an incident

[&] What is the primary goal of incident response?
- To eliminate all cyber threats permanently
- To increase the complexity of security systems
- To ensure complete data protection
- To minimize damage and prevent future incidents -- Correct

[&] Why is incident response considered a critical part of an organization's cybersecurity strategy?
- Because all organizations have unlimited budgets to handle cybersecurity.
- Because it ensures faster detection, containment, and recovery from security incidents. -- Correct
- Because it guarantees complete immunity from all cyber threats.
- Because it permanently eliminates the threat of zero-day exploits.

[&] Which statement is true about incident responders?
- They only work within the organization they are employed by
- They focus exclusively on preventing malware
- They ensure incidents are ignored post-recovery
- They manage and handle security incidents to limit damage -- Correct