A national healthcare organization with multiple branches is facing growing cybersecurity challenges due to unmanaged...

The EC-Council Incident Handler (ECIH) curriculum highlights the importance of proactive security controls, asset management, configuration management, and vulnerability management as foundational elements of forensic readiness and incident prevention.

The scenario describes challenges related to unmanaged systems, inconsistent configurations, and lack of asset visibility—core issues addressed by the CIS Critical Security Controls (CIS CSC). The CIS Controls provide prioritized, actionable cybersecurity best practices designed to mitigate the most common attack vectors. These include inventory and control of hardware assets, inventory and control of software assets, secure configuration of enterprise assets, continuous vulnerability management, and controlled use of administrative privileges.

ECIH emphasizes that organizations must first establish visibility into assets and enforce baseline security configurations to reduce attack surfaces. The CIS framework is specifically designed for practical implementation, making it ideal for organizations seeking efficient deployment using available resources.

Option B (NIST 800-61) focuses on incident response lifecycle management, not proactive exposure reduction. Option C (ITIL) focuses on IT service management and service restoration, not cybersecurity hardening. Option D (COBIT) provides high-level governance and enterprise control objectives but does not offer the hands-on, prioritized technical safeguards described in the scenario.

Therefore, consistent with ECIH guidance on preventive controls and security baselining, the CIS Critical Security Controls framework is the best fit for implementing proactive, real-world defensive measures.