Certified in Risk and Information Systems Control (CRISC) — Question 848

Which of the following MOST effectively limits the impact of a ransomware attack?

Answer options

• A. End user training
• B. Cyber insurance
• C. Data backups
• D. Cryptocurrency reserve

Correct answer: C

Explanation

Data backups are the most effective way to limit the impact of a ransomware attack because they allow organizations to restore their files without having to pay the ransom. While end user training can reduce the risk of infection, it does not mitigate the impact once an attack has occurred. Cyber insurance may help financially, but does not prevent or reduce the attack's immediate effects. A cryptocurrency reserve does not provide any protective measures against ransomware attacks.