CRISC Certified in Risk and Information Systems Control – Question547

In response to the threat of ransomware, an organization has implemented cybersecurity awareness activities. The risk practitioner’s BEST recommendation to further reduce the impact of ransomware attacks would be to implement:

A.
encryption for data at rest
B. encryption for data in motion
C. two-factor authentication
D. continuous data backup controls

Correct Answer: D