Certified Information Security Manager (CISM) — Question 712

Which of the following is the MOST important action to prepare for a ransomware attack?

Answer options

• A. Back up data regularly and verify the integrity of backups.
• B. Scan emails to detect threats and filter out executable files.
• C. Configure access controls with least privilege in mind.
• D. Execute operating systems and programs in a virtualized environment.

Correct answer: A

Explanation

The most critical measure against a ransomware attack is to regularly back up data and ensure that those backups are intact, as this allows for recovery without paying a ransom. While scanning emails and configuring access controls can help prevent attacks, they do not provide a recovery solution if a ransomware attack occurs. Virtualizing operating systems and programs can enhance security, but it is not as essential as having reliable data backups.