Isaca Cybersecurity-Audit-Certificate Exam - Topic 4 Question 43 Discussion

Actual exam question for Isaca's Cybersecurity-Audit-Certificate exam

Question #: 43
Topic #: 4

[All Cybersecurity-Audit-Certificate Questions]

Which of the following is EASIEST for a malicious attacker to detect?

AUse of insufficient cryptography

BInsecure storage of sensitive data

CSusceptibility to reverse engineering

DAbility to tamper with mobile code

Show Suggested Answer

Suggested Answer: C

The EASIEST thing for a malicious attacker to detect is thesusceptibility to reverse engineering. Reverse engineering is the process of analyzing the code or functionality of an application to understand its structure, logic, or design. Reverse engineering can be used by attackers to discover vulnerabilities, bypass security mechanisms, or modify the application's behavior. Mobile applications are often susceptible to reverse engineering because they are distributed in binary form and can be easily decompiled or disassembled.

by Caprice at Jul 12, 2025, 03:58 AM

Limited Time Offer

25%

Off

Get Premium Cybersecurity-Audit-Certificate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lera

2 months ago

I’m surprised that people think B is the easiest. Isn’t it all risky?

upvoted 0 times

...

Winfred

2 months ago

I think C is easier to spot, reverse engineering is common.

upvoted 0 times

...

Lucia

2 months ago

Definitely B, insecure storage is a big red flag.

upvoted 0 times

...

Shanda

3 months ago

A is pretty obvious too, especially with weak encryption.

upvoted 0 times

...

Jarvis

3 months ago

Wait, are we really saying tampering with mobile code is easy?

upvoted 0 times

...

Malcom

3 months ago

I’m leaning towards A, but I’m not confident. Insufficient cryptography seems like it could be hard to identify without specific tools.

upvoted 0 times

...

Carma

3 months ago

I feel like tampering with mobile code (option D) could be pretty obvious too, especially if the attacker has access to the device.

upvoted 0 times

...

Bette

4 months ago

I'm not entirely sure, but I remember a practice question that mentioned reverse engineering being a common vulnerability. Could it be option C?

upvoted 0 times

...

Sonia

4 months ago

I think option B might be the easiest for an attacker to detect since insecure storage can often be spotted through simple scanning techniques.

upvoted 0 times

...

Portia

4 months ago

I think the insecure storage of sensitive data is probably the most obvious one for an attacker to find. That's a pretty common vulnerability.

upvoted 0 times

...

Norah

4 months ago

I'm a bit confused on this one. I'd have to review the material again to be sure, but I'm leaning towards susceptibility to reverse engineering as the easiest to detect.

upvoted 0 times

...

William

4 months ago

Definitely the use of insufficient cryptography. That's a classic security flaw that's pretty straightforward for an attacker to spot.

upvoted 0 times

...

Maira

5 months ago

Hmm, I'm not sure about this one. I'd have to think it through a bit more. Maybe the insecure storage of sensitive data could be the easiest to detect?

upvoted 0 times

...

William

5 months ago

I think the easiest one for a malicious attacker to detect would be the use of insufficient cryptography. That's usually pretty obvious if you know what to look for.

upvoted 0 times

...

Vincent

7 months ago

I think B) Insecure storage of sensitive data is the easiest to detect because attackers can easily access it.

upvoted 0 times

...

Edison

7 months ago

I believe C) Susceptibility to reverse engineering is also quite easy for attackers to detect.

upvoted 0 times

...

Izetta

7 months ago

Ah, the age-old question of 'What's the easiest way to get hacked?' I'm voting for B. Insecure storage. It's like leaving your house keys under the doormat.

upvoted 0 times

...