Certified Information Security Manager (CISM) — Question 749

What is the BEST way to reduce the impact of a successful ransomware attack?

Answer options

• A. Include provisions to pay ransoms in the information security budget
• B. Monitor the network and provide alerts on intrusions
• C. Perform frequent backups and store them offline
• D. Purchase or renew cyber insurance policies

Correct answer: C

Explanation

Performing frequent backups and storing them offline ensures that you have access to clean data, allowing you to restore systems without paying the ransom. While the other options may provide some level of protection or recovery, they do not directly prevent loss of data or operational disruption caused by ransomware like offline backups do.