Certified Information Security Manager (CISM) — Question 723

Which of the following presents the GREATEST challenge to the recovery of critical systems and data following a ransomware incident?

Answer options

• A. Unavailable or corrupt data backups
• B. Ineffective alert configurations for backup operations
• C. Lack of encryption for backup data in transit
• D. Undefined or undocumented backup retention policies

Correct answer: A

Explanation

The correct answer is A because if data backups are unavailable or corrupted, it makes recovery impossible or extremely difficult. Options B, C, and D, while they present challenges, do not directly prevent access to backups like unavailable or corrupt backups do.