Isaca CISM Exam - Topic 4 Question 90 Discussion

Actual exam question for Isaca's CISM exam
Question #: 90
Topic #: 4

An information security manager has learned of an increasing trend in attacks that use phishing emails impersonating an organization's CEO in an attempt to commit wire transfer fraud. Which of the following is the BEST way to reduce the risk associated with this type of attack?

Suggested Answer: C

Shawana
3 months ago
D is just overkill, disabling emails won't solve the problem.
upvoted 0 times
...
Tien
3 months ago
B seems too limited, training should be for all staff involved.
upvoted 0 times
...
Lizbeth
3 months ago
Surprised this is a trend! Didn't realize CEOs were targeted like this.
upvoted 0 times
...
Ling
4 months ago
I don't think suspending wire transfers is practical.
upvoted 0 times
...
Teddy
4 months ago
C is definitely the best choice here. Staff need to be aware!
upvoted 0 times
...
Joye
4 months ago
Disabling emails for staff seems extreme and could hinder operations. I think option C makes the most sense, but I’m not completely confident.
upvoted 0 times
...
Willetta
4 months ago
I feel like we practiced a similar question where training was emphasized. Providing awareness training to the CEO seems important, but I wonder if that's enough.
upvoted 0 times
...
Tegan
4 months ago
I'm not entirely sure, but I think temporarily suspending wire transfers might just delay the problem instead of solving it.
upvoted 0 times
...
Aimee
5 months ago
I remember discussing how awareness training for staff can really help in recognizing phishing attempts. It seems like option C could be the best choice.
upvoted 0 times
...
Dianne
5 months ago
I've seen questions like this before, and the best answer is usually about training and awareness. Disabling emails or suspending wire transfers could create other issues, so I'll go with the option that focuses on educating the people who are most vulnerable to this type of attack.
upvoted 0 times
...
Frank
5 months ago
Providing awareness training to the CEO and staff responsible for wire transfers seems like the most logical approach here. Educating the key people involved is crucial for reducing the risk of this type of phishing attack.
upvoted 0 times
...
Marguerita
5 months ago
Hmm, I'm a bit unsure about this one. Suspending wire transfers seems like it could be too drastic, and disabling emails for staff seems like it might cause more problems than it solves. I'll have to think this through carefully.
upvoted 0 times
...
Nikita
5 months ago
This seems like a straightforward question about mitigating phishing risks. I'll carefully consider each option and choose the one that best addresses the specific threat described.
upvoted 0 times
...
Vicki
1 year ago
Ha! Disabling emails for the wire transfer team? That's like asking them to do their job with one hand tied behind their back. C) is definitely the way to go.
upvoted 0 times
Audrie
1 year ago
B) Provide awareness training to the CEO for this type of phishing attack.
upvoted 0 times
...
Cristina
1 year ago
A) Temporarily suspend wire transfers for the organization.
upvoted 0 times
...
Olive
1 year ago
C) Provide awareness training to staff responsible for wire transfers.
upvoted 0 times
...
...
Titus
1 year ago
I'm with Yolande on this one. C) is the most comprehensive and sustainable solution. Gotta love those phishing scams, always keeping us on our toes!
upvoted 0 times
...
Caprice
1 year ago
I see your point, Mitsue, but long-term prevention through education is key to mitigating risks.
upvoted 0 times
...
Stefan
1 year ago
B) is not a bad idea, but the CEO isn't the one responsible for the wire transfers. Focusing the training on the relevant staff members is the smart move here.
upvoted 0 times
Antonette
1 year ago
A) Temporarily suspend wire transfers for the organization.
upvoted 0 times
...
Kristin
1 year ago
C) Provide awareness training to staff responsible for wire transfers.
upvoted 0 times
...
...
Vincent
1 year ago
I think C) is the way to go. Educating the staff on phishing tactics is the most effective long-term solution. Disabling emails might work, but it's like putting a Band-Aid on a bullet wound.
upvoted 0 times
...
Yolande
1 year ago
C) Provides the best solution by addressing the root cause of the problem - the lack of awareness among the staff responsible for wire transfers. Suspending wire transfers or disabling emails are temporary fixes that don't address the underlying issue.
upvoted 0 times
Larae
1 year ago
B) Provide awareness training to the CEO for this type of phishing attack.
upvoted 0 times
...
Elenore
1 year ago
A) Temporarily suspend wire transfers for the organization.
upvoted 0 times
...
Angelyn
1 year ago
C) Provide awareness training to staff responsible for wire transfers.
upvoted 0 times
...
...
Mitsue
1 year ago
But wouldn't temporarily suspending wire transfers be a more effective immediate solution?
upvoted 0 times
...
Camellia
1 year ago
I agree with Johanna, educating the staff is crucial in preventing phishing attacks.
upvoted 0 times
...
Johanna
1 year ago
I think the best way is to provide awareness training to staff responsible for wire transfers.
upvoted 0 times
...
