Medium1 markMultiple Choice

Area II: SecurityCIS ControlsFrameworks

CPA · Question 49 · Area II: Security

Which CIS Control is typically prioritized as Control #1 because you cannot protect what you do not know you have?

Answer options:

A.

Inventory and Control of Enterprise Assets

B.

Data Protection

C.

Account Management

D.

Incident Response Management

How to approach this question

Recall the foundational CIS Control.

Full Answer

A.Inventory and Control of Enterprise Assets✓ Correct

A

CIS Control 1 is 'Inventory and Control of Enterprise Assets'. You cannot secure devices if you don't know they exist on your network.

Common mistakes

Thinking Data Protection comes before Hardware Inventory.

Question 48 All questions Question 50

Practice the full CPA ISC Practice Exam 3

82 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud-based s...Medium Q02During a review of a client's cloud governance structure, an auditor notes that the client uses a...Medium Q03An auditor is evaluating the 'Processing Integrity' principle for a financial institution's loan ...Hard Q04A company uses a batch processing system to update inventory records overnight. The 'Grandfather-...Hard Q05During a walkthrough of the change management process, an auditor observes that the 'Developer' r...Medium

View all 82 questions →