Certified Information Security Manager (CISM) — Question 215

Which of the following is the BEST way to ensure the capability to restore clean data after a ransomware attack?

Answer options

• A. Purchase cyber insurance
• B. Encrypt sensitive production data
• C. Maintain multiple offline backups
• D. Perform integrity checks on backups

Correct answer: C

Explanation

The correct answer is C because maintaining multiple offline backups ensures that there are copies of data that are not accessible to ransomware, allowing for a clean restoration. Options A and B do not directly address data recovery processes, while D, although useful, does not guarantee that clean data is available for restoration.