A continuous information security monitoring program can BEST reduce risk through which of the following?
A. Collecting security events and correlating them to identify anomalies
B. Facilitating system-wide visibility into the activities of critical user accounts
C. Encompassing people, process, and technology
D. Logging both scheduled and unscheduled system changes
|
Download Printable PDF. VALID exam to help you PASS. |
 |
How can we make the changes on this website so the correct answers are showing… not these wrong ones.
Also, how are these answers justified… especially when they appear to be wrong.
The answer is C
sure?
I agree that the correct answer is C. Here is an excerpt from the Official (ISC)² Guide to the CISSP CBK, 5th Edition:
“Information security continuous monitoring (ISCM) is a holistic strategy to improve and address security. As with any security initiative, it begins with senior management buy-in. The most effective security programs consistently have upper management support. This creates an environment where the policies, the budget, and the vision for
the company all include security as a cornerstone of the company’s success. ISCM is designed to align facets of the organization including the people, the processes, and the technologies in place.”