An organization's outsourced firewall was poorly configured and allowed unauthorized access that resulted in downtime of 48 hours. Which of the following should be the information security manager's NEXT course of action?
A. Reconfigure the firewall in accordance with best practices.
B. Obtain supporting evidence that the problem has been corrected.
C. Seek damages from the service provider.
D. Revisit the contract and improve accountability of the service provider.
The correct answer is B: Obtain supporting evidence that the problem has been corrected. The reason this is true is because the problem has to be resolved. All the other questions leave the problem unaddressed.
A: What are best practices anyway? Plus this was outsourced to the provider anyway.
B. This addresses the fact that the firewall was poorly configured.
C. While seeking damages from the provider is important, the first thing that should be done is to address the problem.
D. While seeking to revisit the contract and improve it for accountability is important... the problem needs to be addressed first.
Clearly B.
Is NOT A, the manager does not configure firewalls, and even less if it's outsourced.
Is NOT D, the service provider never is accountable (responsible, yes).
B. Obtain supporting evidence that the problem has been corrected.
Before taking any further steps, it's crucial to ensure that the issue has been addressed and that the firewall is now properly configured to prevent unauthorized access. This involves verifying that the changes made align with best practices and are effective in enhancing security.
Outsourcing information security functions does not relieve the organization of its responsibility to ensure the confidentiality, integrity, and availability of its information. While reconfiguring the firewall is important to ensure that the unauthorized access is prevented in the future, the organization needs to first revisit the contract with the service provider to ensure that the service provider is held accountable for their poorly configured firewall.
I think it is B. The firewall is outsourced; if we have evidence that the problem has been corrected, then it is okay, and if this attack comes again we can seek damages from the service provider.
My choice is B. Out of the hundreds of questions I have done, every time there is an answer that "validates," "confirms," "reaffirms," or "confirms" that an issue has been resolved, this is the answer.
A. Reconfigure the firewall in accordance with best practices.
The first step the information security manager should take is to address the immediate issue at hand, which is the poorly configured firewall that allowed unauthorized access and caused downtime. Reconfiguring the firewall in accordance with best practices will help to prevent a similar incident from occurring in the future. After that, they can move forward with obtaining supporting evidence that the problem has been corrected, revisiting the contract and improving accountability of the service provider, and potentially seeking damages from the service provider.
But the firewall is outsourced. The infosec manager should not reconfigure it him/herself.