Certified Information Systems Auditor (CISA) — Question 599

Which of the following is the BEST way to mitigate the impact of ransomware attacks?

Answer options

• A. Paying the ransom
• B. Invoking the disaster recovery plan (DRP)
• C. Backing up data frequently
• D. Requiring password changes for administrative accounts

Correct answer: C

Explanation

Backing up data frequently is the best way to mitigate ransomware attacks because it ensures that you have access to clean copies of your data, enabling recovery without paying the ransom. Paying the ransom and invoking a disaster recovery plan may not guarantee data recovery, while requiring password changes does not address the root cause of ransomware attacks.