Malware is most commonly introduced via file attachments in instant messaging.
Blocking attachments directly prevents users from exchanging potentially harmful files, thus mitigating the malware risk effectively.
This control allows users to still communicate via IM, preserving business functionality, but reduces the main malware attack vector.
Why not the others?
A. Blocking external IM traffic
➤ Reduces risk but may hinder legitimate business communications with external partners.
C. Allowing only corporate IM solutions
➤ Helps control and monitor traffic but doesn’t eliminate malware risk if attachments are allowed.
D. Encrypting IM traffic
➤ Protects confidentiality but does not prevent malware infection.
this aligns with the CISA CRM recommendation, which gives strong weight to blocking or restricting IM traffic as a preventive control. Refer to 5.9.5 Instant Messaging, figure 5.22 from the CISA CRM.
Allowing only corporate IM solutions is the best control to mitigate the malware risk associated with IM systems because it prevents unauthorized or malicious IM applications from accessing the network and infecting the system with malware.
The answer is A.
Refer to 5.9.5 Instant Messaging, figure 5.22 from the CISA CRM>
It clearly states that :
Ensure that antivirus and anti-malware controls are
installed on allsystems and updated daily.
• Block IM traffic.
• Only allow an enclosed corporate IM solution
The best control to mitigate the malware risk associated with an instant messaging (IM) system is blocking attachments in IM. Malware can be spread through file attachments in instant messages, so preventing the exchange of attachments in IM can help reduce the risk of malware infection.
Option B is the best control to mitigate the malware risk associated with an IM system because blocking attachments in IM can help to prevent the transmission of malware through the IM system. Malware is often transmitted through attachments, so blocking attachments can be an effective way to prevent the spread of malware. Option A may help to reduce the risk of malware, but it is not as effective as blocking attachments because malware can still be transmitted through other means. Option C may help to reduce the risk of malware, but it is not as effective as blocking attachments because malware can still be transmitted through other means. Option D may help to protect against the interception of IM traffic, but it does not address the risk of malware transmission.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Greens
2 months agoIFBBPROSALCEDO
4 months, 3 weeks agodvnloveee
5 months agoAbbey2
9 months, 1 week agoSwallows
10 months, 1 week agoakosigengen
11 months, 2 weeks agocidigi
1 year, 5 months agocidigi
1 year, 5 months agoa84n
9 months, 3 weeks ago007Georgeo
1 year, 9 months agoSBD600
1 year, 9 months agonickchen
2 years, 1 month ago