Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's BEST course of action would be to determine if:
A.
the patches were updated.
B.
the logs were monitored.
C.
the domain controller was classified for high availability.
A. the patches were updated.
Ensuring that the patches for the domain controller and relevant software have been updated is crucial to addressing the vulnerability that was exploited. Hackers often target known vulnerabilities that can be mitigated through patching. Therefore, verifying the status of patch updates is a fundamental step in responding to such a breach.
While the other options (B, C, and D) may also be important security controls, they are not the primary and immediate action to take in response to a known vulnerability being exploited. Monitoring logs (option B), classifying for high availability (option C), and monitoring network traffic (option D) are ongoing security measures, but patching vulnerabilities is typically the first step in mitigating a known security risk.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SuperMax
9 months, 2 weeks ago