220-1002 Question #677: Real Exam Question with Answer & Explanation

The correct answer is B: Tests of the data backups. Ransomware preparedness centers on the ability to recover without paying the ransom. The single most important capability is having verified, working backups. Testing data backups confirms that backups are complete, uncorrupted, and restorable within an acceptable timeframe - clo

Question

The Chief Information Security Officer (CISO) wants to ensure the company Is prepared in case of a ransomware attack. The CISO has requested network vulnerability scans, firewall audits, and ACL logs. Which of the following should the CISO also request?

Options

AAudits of the cloud storage platform
BTests of the data backups
CPhysical penetration tests
DNIDS signature updates

Explanation

Ransomware preparedness centers on the ability to recover without paying the ransom. The single most important capability is having verified, working backups. Testing data backups confirms that backups are complete, uncorrupted, and restorable within an acceptable timeframe - closing the gap between having backups and knowing they actually work. Vulnerability scans, firewall audits, and ACL reviews help prevent an attack but do nothing if prevention fails. Option A (cloud storage audits) is secondary. Option C (physical pen testing) addresses physical intrusion, not ransomware delivery. Option D (NIDS signatures) improves detection but not recovery. Backup testing is the definitive ransomware recovery control.

Community Discussion

No community discussion yet for this question.

Full 220-1002 Practice