Exam CISM topic 1 question 284 discussion

Actual exam question from ISACA's CISM
Question #: 284
Topic #: 1

Which of the following would be the MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account?

  • A. Set up an agent to run a virus-scanning program across platforms.
  • B. Ensure that proper controls exist for code review and release management.
  • C. Implement controls for continuous monitoring of middleware transactions.
  • D. Apply the latest patch programs to the production operating systems.
Suggested Answer: B

Comments

Abhey
Highly Voted 1 year, 7 months ago
Selected Answer: C
The MOST effective countermeasure against malicious programming that rounds down transaction amounts and transfers them to the perpetrator's account is to implement controls for continuous monitoring of middleware transactions. This type of fraud, known as salami slicing, involves making small fraudulent transactions that are difficult to detect but add up over time. By implementing controls for continuous monitoring of middleware transactions, organizations can detect and prevent this type of fraud by monitoring all transactions for patterns and anomalies. The other options listed may provide some protection against malware, but they are not specifically targeted at the type of fraud described in the question.
upvoted 6 times
CISSPST
1 year, 4 months ago
Thanks, Abhey. I have researched online, and your explanation is on the spot.
upvoted 1 times
...
...
face9d6
Most Recent 1 day, 11 hours ago
Selected Answer: B
The C answer isn't preventive.
upvoted 1 times
...
HN2025
10 months ago
Selected Answer: B
B is preventive and C is reactive
upvoted 4 times
...
Noragretz
10 months, 1 week ago
Selected Answer: C
Question is vague. I chose C thinking it means a malicious program in your environment. If this refers to malicious programming code, then the answer is B for code review.
upvoted 2 times
...
Ridenar
1 year, 3 months ago
In a nutshell, it's B countermeasure (proactive measure). C is reactive.
upvoted 2 times
...
richck102
1 year, 5 months ago
C. Implement controls for continuous monitoring of middleware transactions.
upvoted 2 times
...
Dravidian
1 year, 7 months ago
Selected Answer: B
I would agree with B since B is a preventative control while C is a detective control
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted