In incident response protocols, incidents are categorized based on their severity, impact, and the

urgency of the response required. The categorization helps in prioritizing incident response activities

and allocating resources accordingly. A CAT 1 (Category 1) incident is typically considered the highest

priority, involving significant threats that require immediate response. Given the scenario where a

malware incident in one of the largest social network companies must be reported within 1 hour of

discovery/detection, this indicates a high-priority incident due to the potential widespread impact

and the need for a rapid response to contain and mitigate the malware's spread. The urgency of the

reporting timeframe suggests that the incident is considered critical, aligning with the characteristics

of a CAT 1 incident, which necessitates immediate action to prevent significant damage or disruption

to the company's operations and services.

Reference:The Incident Handler (ECIH v3) curriculum emphasizes the importance of incident

categorization and the establishment of clear reporting and response protocols based on the severity

and urgency of incidents. This framework enables organizations to respond effectively to incidents

like malware attacks by ensuring that high-priority threats are quickly identified and addressed.