ExpertMinds LogoExpertMinds
Easy1 markMultiple Choice
Area II: SecurityInternal ControlsSecurity

CPA · Question 30 · Area II: Security

Which of the following is an example of a 'Preventive' control?

Answer options:

A.

Reviewing system logs for failed login attempts.

B.

Implementing a firewall to block unauthorized traffic.

C.

Restoring data from a backup after a ransomware attack.

D.

Conducting a post-incident analysis.

How to approach this question

Classify controls by timing: Before (Preventive), During/After (Detective), Fix (Corrective).

Full Answer

B.Implementing a firewall to block unauthorized traffic.✓ Correct
Preventive controls are designed to keep errors or irregularities from occurring in the first place. A firewall blocks access, preventing the intrusion.

Common mistakes

Confusing Preventive with Detective (finding out it happened).
29All questions31

Practice the full CPA ISC Practice Exam 3

82 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud-based s...MediumQ02During a review of a client's cloud governance structure, an auditor notes that the client uses a...MediumQ03An auditor is evaluating the 'Processing Integrity' principle for a financial institution's loan ...HardQ04A company uses a batch processing system to update inventory records overnight. The 'Grandfather-...HardQ05During a walkthrough of the change management process, an auditor observes that the 'Developer' r...Medium
View all 82 questions →