Certified Chief Information Security Officer (CCISO) — Question 166

Which is the BEST solution to monitor, measure, and report changes to critical data in a system?

Answer options

• A. SNMP traps
• B. Syslog
• C. File integrity monitoring
• D. Application logs

Correct answer: C

Explanation

File integrity monitoring is specifically designed to track changes to critical files and data, making it the best choice for this purpose. SNMP traps and Syslog are useful for general system monitoring but do not provide detailed change tracking. Application logs can offer insights into application behavior but may not comprehensively cover changes to critical data.