CRISC Question #167: Real Exam Question with Answer & Explanation
The correct answer is A: Scan end points for applications not included in the asset inventory.
Question
Which of the following is the MOST effective way for a large and diversified organization to minimize risk associated with unauthorized software on company devices?
Options
- A. Scan end points for applications not included in the asset inventory.
- B. Prohibit the use of cloud-based virtual desktop software.
- C. Conduct frequent reviews of software licenses.
- D. Perform frequent internal audits of enterprise IT infrastructure.
Explanation
Scanning endpoints for applications not listed in the asset inventory is the most effective way to minimize the risk of unauthorized software, as it actively detects non-compliant installations across the network. This approach directly identifies unknown and potentially malicious software, enabling prompt remediation.
Common mistakes.
- B. Prohibiting cloud-based virtual desktop software is too restrictive and not directly focused on detecting unauthorized software on company devices; it targets a specific legitimate technology that might be part of an approved stack.
- C. Conducting frequent reviews of software licenses is important for compliance and cost management but primarily identifies licensing non-compliance rather than the presence of potentially malicious or unauthorized software itself.
- D. Performing frequent internal audits of enterprise IT infrastructure is a broad control; while it might uncover unauthorized software, it's not as targeted or efficient for this specific purpose as dedicated endpoint scanning.
Concept tested. Unauthorized software detection (Asset inventory & Endpoint scanning)