Medium1 markMultiple Choice

Area II: SecurityInternal ControlsSecurity

CPA · Question 45 · Area II: Security

Which of the following is a 'Corrective' control?

Answer options:

A.

Patching a vulnerability after an exploit is discovered.

B.

Intrusion Detection System (IDS).

C.

Background checks for new hires.

D.

Security Awareness Training.

How to approach this question

Identify the action that 'Fixes' or 'Restores'.

Full Answer

A.Patching a vulnerability after an exploit is discovered.✓ Correct

A

Corrective controls are designed to correct errors or irregularities that have been detected. Patching a system corrects the software flaw.

Common mistakes

Confusing Corrective with Preventive.

Question 44 All questions Question 46

Practice the full CPA ISC Practice Exam 3

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud-based s...Medium Q02During a review of a client's cloud governance structure, an auditor notes that the client uses a...Medium Q03An auditor is evaluating the 'Processing Integrity' principle for a financial institution's loan ...Hard Q04A company uses a batch processing system to update inventory records overnight. The 'Grandfather-...Hard Q05During a walkthrough of the change management process, an auditor observes that the 'Developer' r...Medium

View all 82 questions →