🔥 3-day streak
ISACA CISM — Certified Information Security Manager19 / 121
Question 19 of 121

Following a ransomware incident that encrypted several file servers, an organization successfully restored operations from backups within its recovery objectives. The information security manager is now reviewing the control set to reduce the impact of any future occurrence. Which type of control was MOST directly responsible for limiting the business impact in this case, and should be prioritized for continued investment?

Reviewed for accuracy · Report an issueNext question