試験IIA-CIA-Part3-JPN トピック2 問題121 スレッド
IIA IIA-CIA-Part3-JPNのリアル試験問題集
問題 #: 121
トピック #: 2
問題 #: 121
トピック #: 2
次のうち、破壊的なコードが組織のシステムにインストールされるのを阻止することを目的としたサイバーセキュリティ監視活動はどれですか?
おすすめの解答:B 解答を投票する
* Malware Defense as a Cybersecurity Monitoring Activity:
* Malware defense refers to the use of antivirus software, endpoint detection and response (EDR), behavior analysis, and real-time monitoring to detect and block malicious code before it can be installed on an organization's systems.
* It helps prevent infections from viruses, ransomware, spyware, trojans, and worms that can disrupt business operations.
* IIA GTAG (Global Technology Audit Guide) on Cybersecurity states that monitoring tools should proactively detect and neutralize threats before they can execute malicious actions.
* A. Boundary defense (Incorrect)
* Boundary defense includes firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation, which control external access but do not directly monitor and remove malware.
* Malware can still enter through phishing emails, infected USB drives, or compromised internal systems.
* C. Penetration tests (Incorrect)
* Penetration tests simulate attacks to identify vulnerabilities, but they do not actively monitor and prevent malware from being installed.
* They help improve security but are not a continuous monitoring activity.
* D. Wireless access controls (Incorrect)
* Wireless security helps prevent unauthorized network access, but it does not specifically monitor and block malware installation.
* Malware can still spread via legitimate access points, infected devices, or phishing attacks.
Explanation of Answer Choice B (Correct Answer):Explanation of Incorrect Answers:Conclusion:To deter disruptive codes (malware) from being installed, organizations should implement continuous malware defense (Option B), including antivirus software, endpoint security, and behavioral analytics.
IIA References:
* IIA GTAG - Cybersecurity
* IIA Standard 2120 - Risk Management
* Malware defense refers to the use of antivirus software, endpoint detection and response (EDR), behavior analysis, and real-time monitoring to detect and block malicious code before it can be installed on an organization's systems.
* It helps prevent infections from viruses, ransomware, spyware, trojans, and worms that can disrupt business operations.
* IIA GTAG (Global Technology Audit Guide) on Cybersecurity states that monitoring tools should proactively detect and neutralize threats before they can execute malicious actions.
* A. Boundary defense (Incorrect)
* Boundary defense includes firewalls, intrusion detection/prevention systems (IDS/IPS), and network segmentation, which control external access but do not directly monitor and remove malware.
* Malware can still enter through phishing emails, infected USB drives, or compromised internal systems.
* C. Penetration tests (Incorrect)
* Penetration tests simulate attacks to identify vulnerabilities, but they do not actively monitor and prevent malware from being installed.
* They help improve security but are not a continuous monitoring activity.
* D. Wireless access controls (Incorrect)
* Wireless security helps prevent unauthorized network access, but it does not specifically monitor and block malware installation.
* Malware can still spread via legitimate access points, infected devices, or phishing attacks.
Explanation of Answer Choice B (Correct Answer):Explanation of Incorrect Answers:Conclusion:To deter disruptive codes (malware) from being installed, organizations should implement continuous malware defense (Option B), including antivirus software, endpoint security, and behavioral analytics.
IIA References:
* IIA GTAG - Cybersecurity
* IIA Standard 2120 - Risk Management
伊藤** 2026-02-04 03:42:11
コメント
他人の解答コメントを賛成するのも、その解答に一票を入れることになります。したがって、すでに同じ意見の投票コメントが存在する場合、新規コメントをする代わりに賛成することもできます。
コメントを通報する
コメント中
今すぐ 新規登録 / ログイン (無料です)。