Certified Information Security Manager (CISM) — Question 1098

Which of the following actions will BEST resolve the root cause of a cyber incident involving unauthorized network access due to a critical vulnerability on a web server?

Answer options

• A. Improving the patching process
• B. Locking accounts with unauthorized access
• C. Isolating affected systems
• D. Terminating malicious network connections

Correct answer: A

Explanation

Improving the patching process directly addresses the critical vulnerability that allowed unauthorized access, thereby preventing future incidents. Locking accounts with unauthorized access, isolating affected systems, and terminating malicious connections are reactive measures that do not eliminate the underlying vulnerability.