Certified Chief Information Security Officer (CCISO) — Question 168
The alerting, monitoring and life-cycle management of security-related events is typically handled by the_________________.
Answer options
- A. risk management process
- B. risk assessment process
- C. governance, risk, and compliance tools
- D. security threat and vulnerability management process
Correct answer: D
Explanation
The correct answer is D because the security threat and vulnerability management process specifically focuses on identifying, evaluating, and responding to security threats. Options A and B relate to broader risk management strategies, while C refers to tools that support compliance and governance, not specifically life-cycle management of security events.