nerdexam
Isaca

AAISM · Question #243

How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?

The correct answer is D. Implement resilient payment approval processes. AAISM's risk management framework stresses that the most effective defense against deepfake- enabled fraud, such as payment diversion, is resilient payment approval processes. This includes multi-step verification, segregation of duties, and independent confirmations for high-val

AI Security Assurance and Resilience

Question

How can an organization BEST protect itself from payment diversions caused by deepfake attacks impersonating management?

Options

  • ARequire mandatory deepfake detection training for all employees
  • BMandate that payments be sent only once per week
  • CIssue a security policy on deepfakes
  • DImplement resilient payment approval processes

How the community answered

(17 responses)
  • B
    12% (2)
  • C
    6% (1)
  • D
    82% (14)

Explanation

AAISM's risk management framework stresses that the most effective defense against deepfake- enabled fraud, such as payment diversion, is resilient payment approval processes. This includes multi-step verification, segregation of duties, and independent confirmations for high-value transactions. Employee training, policies, or limiting payment frequency may reduce exposure, but they cannot guarantee prevention. Only process-based controls enforce structural safeguards that prevent fraudulent instructions from being executed, even if a deepfake impersonation attempt is successful.

Topics

#Deepfake security#Payment fraud prevention#Approval processes#Organizational resilience

Community Discussion

No community discussion yet for this question.

Full AAISM Practice