Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?
A.
Antivirus software was unable to prevent the attack even though it was properly updated.
B.
Backups were only performed within the local network.
C.
The most recent security patches were not tested prior to implementation.
D.
Employees were not trained on cybersecurity policies and procedures.
why b?
backup even on the local network are read only and cannot be altered, so ransomware cannot affect them.
Having the backup offsite, is for DRP, not ransomware
Answer: B
In a ransomware attack, having recent and secure backups is crucial for recovery without paying the ransom. If backups are only stored locally and were compromised during the attack, the organization may have no recourse for recovering its data and systems without resorting to ransom payment. This makes the lack of proper backup strategy a more immediate and critical concern for the IS auditor to address during the audit.
This isn't a concern, as the existence of an updated antivirus doesn't eliminate the possibility of getting infected by any malware.
upvoted 2 times
...
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
3008
1 year, 6 months agoChaBum
1 year, 2 months agochoboanon
8 months agoa84n
1 year agoziutek_
2 years, 8 months agoMohamedAbdelaal
2 years, 1 month ago