ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 502 discussion

Actual exam question from Isaca's CISM
Question #: 502
Topic #: 1
[All CISM Questions]

Which of the following is the BEST way to prevent insider threats?

  • A. Implement strict security policies and password controls.
  • B. Conduct organization-wide security awareness training.
  • C. Enforce segregation of duties and least privilege access.
  • D. Implement logging for all access activities.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Ziggybooboo at Dec. 16, 2022, 2:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
CarlLimps
Highly Voted 2 years ago
Selected Answer: C
C. the key word here is "prevent" which is what SOD and least privilege does. Logging is used for detective control.
upvoted 7 times
...
afb4b17
Most Recent 8 months, 2 weeks ago
Selected Answer: D
Answer C will reduce the impact of insider attack. Logging in itself is not enough. The answer should be " logging with monitoring of anomalies.
upvoted 1 times
Josef4CISM
1 month, 1 week ago
Log analysis is used either for detection or for incident response. the question is asking for prevention - therefore C should be the right answer.
upvoted 1 times
...
...
Uncle_Lucifer
1 year, 2 months ago
Selected Answer: B
some people are saying least privilege and roles can prevent insider attack, it wont. it will limit the impact due to limitation. best answer is user training. --> B
upvoted 1 times
xcjxcj
1 year ago
A trainned insider is more dangerous
upvoted 1 times
...
xcjxcj
1 year ago
Training is good for outside threat.
upvoted 1 times
...
...
oluchecpoint
1 year, 5 months ago
Selected Answer: C
C. Enforce segregation of duties and least privilege access. Enforcing segregation of duties and implementing the principle of least privilege access means that employees are only granted access to the systems, data, and resources they need to perform their specific job functions. This reduces the risk of employees having unnecessary access to sensitive information and limits their ability to misuse or abuse their privileges.
upvoted 1 times
...
richck102
1 year, 8 months ago
C. Enforce segregation of duties and least privilege access.
upvoted 2 times
richck102
1 year, 8 months ago
or B. Conduct organization-wide security awareness training. ........why not
upvoted 2 times
AaronS1990
1 year, 6 months ago
Because you'd also be training the insider threat who doesn't care at all for the training. Minimizing their access however would impede them.
upvoted 1 times
Uncle_Lucifer
1 year, 2 months ago
But not prevent the attack nonetheless. The choices are crappy, but B is still best for preventing. C is best answer for mitigating
upvoted 1 times
...
...
...
...
karanvp
1 year, 8 months ago
This question talk about Threat; but not incident/risk. Even with least priority, the internal people still can be a threat to organization and it's assets(including physical threat); if there is no proper log, then can't find difficult to identify the threat too. If internal people knows who will be caught through logs, then he/she won't do any vulnerable activities.
upvoted 1 times
karanvp
1 year, 8 months ago
Correction ".....can't find difficult to identify the person who is threat for the organisation......."
upvoted 1 times
...
...
wello
1 year, 8 months ago
Selected Answer: C
C. Enforce segregation of duties and least privilege access.
upvoted 1 times
...
Dravidian
1 year, 9 months ago
Selected Answer: C
Yea, D is clearly the most incorrect answer here. The question is asking about preventing. Logging is a detective control and has provides no value to the question.
upvoted 2 times
...
SIMTEIN
2 years ago
C. the key word here is "prevent" which is what SOD and least privilege does. Logging is used for detective control
upvoted 3 times
...
Souvik124
2 years ago
Preventing insider threats can be challenging as they are often caused by individuals with legitimate access to an organization's systems and data. However, implementing a combination of preventative measures can help mitigate the risk. Of the options listed, the BEST way to prevent insider threats is to enforce segregation of duties and least privilege access (Option C).
upvoted 2 times
...
aokisan
2 years, 2 months ago
Selected Answer: C
Clearly, C.
upvoted 2 times
...
Manzer
2 years, 2 months ago
Selected Answer: C
The key is prevent. Logs do not prevent.
upvoted 4 times
...
Ziggybooboo
2 years, 2 months ago
C for me
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago