Isaca CGEIT Exam - Topic 5 Question 72 Discussion

Actual exam question for Isaca's CGEIT exam
Question #: 72
Topic #: 5

The CIO of an enterprise learns the payroll server of a competitor has been the victim of ransomware. To help plan for the possibility of ransomed corporate data, what should be the CIO's FIRST course of action?

Suggested Answer: A

Contribute your Thoughts:

Rosio
3 months ago
Backing up data is a must, but what about training staff?
upvoted 0 times
...
Jin
3 months ago
KRIs are useful, but not the first step here.
upvoted 0 times
...
Nickolas
3 months ago
Surprised they haven't already had a ransomware policy in place!
upvoted 0 times
...
Noel
4 months ago
I think a targeted risk assessment is more important.
upvoted 0 times
...
Eun
4 months ago
Definitely need to back up data first!
upvoted 0 times
...
Wilda
4 months ago
Developing KRIs sounds important, but I wonder if it should come after assessing the current risks. I'm torn between A and C.
upvoted 0 times
...
Frank
4 months ago
I practiced a similar question where backing up data was emphasized, so I lean towards option D being crucial for immediate action.
upvoted 0 times
...
Silva
4 months ago
I'm not entirely sure, but I feel like a targeted risk assessment could help identify vulnerabilities, so maybe option C is the way to go?
upvoted 0 times
...
Shannon
5 months ago
I remember discussing the importance of having a ransomware policy in class, so I think option B makes sense as a first step.
upvoted 0 times
...
Dominic
5 months ago
I'm feeling pretty confident about this one. The CIO's first step should be to develop a policy to address ransomware, since that will provide the framework for the organization's response and recovery efforts. The other options are important, but they come after establishing the policy.
upvoted 0 times
...
Andrew
5 months ago
Okay, I've got this. The first thing the CIO should do is request a targeted risk assessment to understand the potential impact of a ransomware attack on the company's systems and data. That will help inform the next steps in developing a policy and response plan.
upvoted 0 times
...
Marguerita
5 months ago
Hmm, I'm a bit unsure about this one. There are a few options that seem reasonable, but I'm not sure which one is the "first" course of action the CIO should take. I'll need to think this through carefully.
upvoted 0 times
...
Zack
5 months ago
This seems like a straightforward question about incident response. I think the key is to focus on the first step the CIO should take, which is likely to assess the risk and plan a response.
upvoted 0 times
...
Art
5 months ago
I'm feeling a little lost on this one. There are a lot of moving parts to consider, like risk indicators, policies, and data backups. I'll need to review my notes and think through the logical sequence of steps the CIO should take.
upvoted 0 times
...
Alverta
5 months ago
Hmm, I'm a bit unsure about this one. There are a few options that seem reasonable, like developing a ransomware policy or doing a risk assessment. I'll need to think through the pros and cons of each approach.
upvoted 0 times
...
Lashaunda
5 months ago
This seems like a straightforward question about incident response planning. I think the key is to focus on the first step the CIO should take, which is likely to assess the risk and develop a plan to address it.
upvoted 0 times
...
Derick
5 months ago
Okay, I've got this. The first thing the CIO should do is request a targeted risk assessment to understand the specific threats and vulnerabilities the organization faces. That will provide the necessary information to develop an effective ransomware policy and response plan.
upvoted 0 times
...
Jacqueline
5 months ago
I've seen hex strings like this before, but I'm not sure which encoding method it represents. I'll have to carefully consider the options and see if I can eliminate any of them.
upvoted 0 times
...
Adell
5 months ago
This is a tricky one, I'll need to think through the different data sources and their priorities carefully.
upvoted 0 times
...
Mike
10 months ago
The CIO should probably hire a ransomware negotiator - someone who's really good at holding their data for ransom.
upvoted 0 times
...
Rutha
10 months ago
Wow, ransomware is no joke. I bet the CIO is feeling the pressure right now. D seems like the safest bet, but I'm curious to see if anyone comes up with a witty pun about backing up data. That would really seal the deal for me.
upvoted 0 times
Victor
8 months ago
C) Request a targeted risk assessment.
upvoted 0 times
...
Carey
9 months ago
B) Develop a policy to address ransomware.
upvoted 0 times
...
Jeannetta
9 months ago
A) Require development of key risk indicators (KRIs).
upvoted 0 times
...
...
Mariko
10 months ago
Hold up, what about C? A targeted risk assessment could help the CIO identify vulnerabilities and plan accordingly. Might be worth considering, especially since the competitor's server was hit.
upvoted 0 times
Jose
8 months ago
C) Request a targeted risk assessment.
upvoted 0 times
...
Yvonne
9 months ago
B) Develop a policy to address ransomware.
upvoted 0 times
...
Casie
10 months ago
A) Require development of key risk indicators (KRIs).
upvoted 0 times
...
...
Kiera
10 months ago
I agree, D is the way to go. Backing up data is the first line of defense against ransomware. The other options are good too, but they won't do much if the data is already encrypted.
upvoted 0 times
...
Micah
10 months ago
Ransomware is a serious threat, and the CIO needs to act quickly. D seems like the best option to protect the company's data in case of an attack.
upvoted 0 times
Tomoko
9 months ago
D) Back up corporate data to a secure location.
upvoted 0 times
...
Veda
9 months ago
C) Request a targeted risk assessment.
upvoted 0 times
...
Hassie
9 months ago
B) Develop a policy to address ransomware.
upvoted 0 times
...
Carlota
10 months ago
A) Require development of key risk indicators (KRIs).
upvoted 0 times
...
...
Renea
10 months ago
Backing up corporate data to a secure location should also be a priority to protect against ransomware.
upvoted 0 times
...
Chantay
10 months ago
I agree with Fernanda. Developing a policy would help prevent future attacks.
upvoted 0 times
...
Fernanda
10 months ago
I think the CIO should develop a policy to address ransomware first.
upvoted 0 times
...
