Certified Information Systems Auditor (CISA) — Question 1296
Which of the following should be the FIRST step in managing the impact of a recently discovered zero-day attack?
Answer options
- A. Estimating potential damage
- B. Identifying vulnerable assets
- C. Evaluating the likelihood of attack
- D. Assessing the impact of vulnerabilities
Correct answer: B
Explanation
The correct answer is B: identifying vulnerable assets is essential to understanding which systems are at risk from the zero-day attack. The other options, while important, come after this step; estimating damage, evaluating likelihood, and assessing impact can be done accurately only once the vulnerable assets are known.