Exam CISM topic 1 question 284 discussion

Actual exam question from Isaca's CISM
Question #: 284
Topic #: 1

Which of the following would be the MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account?

  • A. Set up an agent to run a virus-scanning program across platforms.
  • B. Ensure that proper controls exist for code review and release management.
  • C. Implement controls for continuous monitoring of middleware transactions.
  • D. Apply the latest patch programs to the production operating systems.
Suggested Answer: B

Comments

HN2025
1 month ago
Selected Answer: B
B is preventive and C is reactive
upvoted 1 times
...
Noragretz
1 month, 1 week ago
Selected Answer: C
Question is vague. I chose C thinking it means a malicious program in your environment. If this refers to malicious programming code, then the answer is B for code review.
upvoted 1 times
...
Ridenar
7 months ago
In a nutshell, it's B countermeasure (proactive measure). C is reactive.
upvoted 1 times
...
[Removed]
7 months ago
Selected Answer: B
From the CISM Review Manual, 15th Edition, by ISACA (Page 219): "A key preventive control is the use of sound software development life cycle (SDLC) processes. Properly executed, the SDLC should help prevent the introduction of many types of malicious code."
upvoted 1 times
...
richck102
8 months, 4 weeks ago
C. Implement controls for continuous monitoring of middleware transactions.
upvoted 1 times
...
Dravidian
10 months, 2 weeks ago
Selected Answer: B
I would agree with B since B is a preventative control while C is a detective control
upvoted 4 times
...
Abhey
10 months, 3 weeks ago
Selected Answer: C
The MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account is to implement controls for continuous monitoring of middleware transactions. This type of fraud, known as salami slicing, involves making small fraudulent transactions that are difficult to detect but add up over time. By implementing controls for continuous monitoring of middleware transactions, organizations can detect and prevent this type of fraud by monitoring all transactions for patterns and anomalies. The other options listed may provide some protection against malware, but they are not specifically targeted at the type of fraud described in the question.
upvoted 4 times
CISSPST
7 months, 3 weeks ago
Thanks, Abhey. I have researched online, and your explanation is on the spot.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted