Skip to Content

ISACA CISM: Which is MOST helpful in preventing cybersecurity incidents

By: Author Alex Lim

Posted on

Categories Exam

Table of Contents

Question

Which of the following is MOST helpful in preventing cybersecurity incidents?

A. Testing the backup plan according to a defined schedule
B. Documenting and testing incident response plans
C. Delivering periodic end-user security awareness training
D. Implementing best practice password parameters

Answer

C. Delivering periodic end-user security awareness training

Explanation

The correct answer is C. Delivering periodic end-user security awareness training. This is because end-user security awareness training is the most effective way to prevent cybersecurity incidents by educating users on how to recognize and avoid common threats, such as phishing, malware, social engineering, and password attacks. End-user security awareness training can also help users understand their roles and responsibilities in protecting the organization’s information assets and complying with security policies and standards.

The other options are not as helpful in preventing cybersecurity incidents as end-user security awareness training. Testing the backup plan according to a defined schedule (A) is important for ensuring business continuity and data recovery in case of an incident, but it does not prevent the incident from happening in the first place. Documenting and testing incident response plans (B) is also essential for minimizing the impact and restoring normal operations after an incident, but it does not address the root causes or reduce the likelihood of an incident. Implementing best practice password parameters (D) is a good security measure to protect user accounts and systems from unauthorized access, but it does not cover all the possible attack vectors or human errors that can lead to an incident.

Therefore, delivering periodic end-user security awareness training is the most helpful option in preventing cybersecurity incidents, as it can raise the level of security culture and awareness among users and reduce the human factor as a source of vulnerability.

Isaca Certified Information Security Manager CISM certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Isaca Certified Information Security Manager CISM exam and earn Isaca Certified Information Security Manager CISM certification.