Certified Information Security Manager (CISM) — Question 174
Which of the following is MOST important to determine following the discovery and eradication of a malware attack?
Answer options
- A. The creator of the malware
- B. The malware entry path
- C. The type of malware involved
- D. The method of detecting the malware
Correct answer: B
Explanation
Identifying the malware entry path is vital because it shows how the attack occurred and helps prevent future incidents. Knowing the creator or the type of malware, while informative, does not immediately help strengthen defenses. The detection method is also important, but it concerns response rather than prevention.