ExpertMedium1 markMultiple Choice
CPA · Question 48 · Area II: Security
Which of the following is a 'Preventive' control?
Which of the following is a 'Preventive' control?
Answer options:
A.
Security Information and Event Management (SIEM) alerts.
B.
Application Whitelisting
C.
Incident Response Plan.
D.
Motion detectors.
How to approach this question
Identify the control that stops the bad thing BEFORE it happens.
Full Answer
B.Application Whitelisting✓ Correct
Application Whitelisting
Application whitelisting prevents the execution of any software not explicitly approved.
Common mistakes
Confusing Detective (Alerts) with Preventive (Blocks).
Practice the full CPA ISC Practice Exam 2
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll platform where clients access the software ...MediumQ02An auditor is reviewing the backup strategy for a financial institution that requires a Recovery ...HardQ03During a walkthrough of the change management process, an auditor observes that developers have w...MediumQ04An auditor is reviewing a SQL query used to generate a list of active customers for a marketing c...HardQ05Which of the following entities is considered a 'Covered Entity' under the HIPAA Privacy Rule?Medium