An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:
✑ A bad actor broke into a business-critical FTP server by brute forcing an administrative password
✑ The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
✑ The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
✑ After three (3) hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail
Which of the following could have been prevented by conducting regular incident response testing?

A. Stolen data

B. The server being compromised

C. The brute force attack

D. Ignored alert messages








 

Suggested Answer: D



This question is in CISM exam 
For getting Certified Information Security Manager Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.