Certified Information Security Manager (CISM) — Question 552
An organization has fallen victim to a spear-phishing attack that compromised the multi-factor authentication code. What is the information security manager's MOST important follow-up action?
Answer options
- A. Communicate the threat to users.
- B. Install client anti-malware solutions.
- C. Implement firewall blocking of known attack signatures.
- D. Implement an advanced email filtering system.
Correct answer: A
Explanation
The most critical follow-up action is to communicate the threat to users, because they need to be aware of the potential risks and take the necessary precautions. Installing anti-malware, implementing firewall measures, and deploying advanced email filtering are also important, but they do not directly address the immediate need for user awareness and education about the ongoing threat.