ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 9 discussion

Actual exam question from Isaca's CISA
Question #: 9
Topic #: 1
[All CISA Questions]

Which of the following should be the FIRST step in managing the impact of a recently discovered zero-day attack?

  • A. Estimating potential damage
  • B. Identifying vulnerable assets
  • C. Evaluating the likelihood of attack
  • D. Assessing the impact of vulnerabilities
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Deeplaxmi at Sept. 25, 2022, 3:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Deeplaxmi
Highly Voted 2 years, 7 months ago
yes, Knowing the vulnerable asset is imp, then only one can find out which assets might have faced the damage and thence the potential impact/ loss.
upvoted 5 times
...
NainaNivi
Most Recent 1 month ago
Selected Answer: B
Zero-day attack exploits a security vulnerability that is not yet known or patched. Finding systems or data that are exposed to the attack is the first thing to be done to understand where the vulnerability exists.
upvoted 1 times
...
I_Shall_Pass
4 months, 2 weeks ago
Selected Answer: B
Wrote B and turns out it's correct but the wording "managing impact" confused me.
upvoted 1 times
...
73f8ac3
5 months ago
Selected Answer: B
Identification is paramount first. Without it, it is not possible to assess the impact
upvoted 1 times
...
scriptkiddie
9 months, 3 weeks ago
Selected Answer: C
Identifying vulnerable assets is the first crucial step in managing the impact of a zero-day attack​​.
upvoted 1 times
scriptkiddie
9 months, 3 weeks ago
sorry, I want to mark B
upvoted 1 times
...
...
5b56aae
1 year ago
Selected Answer: B
When you know there could be an attack, the first thing is to protect the assets from it
upvoted 1 times
...
PC2323
1 year, 7 months ago
Post zero day estimating vulnerabilities or probability of attack is lower priority than estimating the potential damage
upvoted 1 times
...
TTH1019
1 year, 11 months ago
While identifying vulnerable assets is an important step, it typically comes after evaluating the likelihood of attack. Once the likelihood is determined, organizations can focus on identifying the assets or systems that are potentially affected by the zero-day vulnerability. Ans: C
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago