ISACA Certified AI Security Manager — Question 29
Which of the following is the MOST effective use of AI-enabled tools in a security operations center (SOC)?
Answer options
- A. Employing AI-enabled tools to reduce false negatives by detecting subtle attack patterns
- B. Replacing human analysis with automated AI decision-making processes
- C. Assigning AI-enabled tools to triage non-critical alerts to preserve SOC resources
- D. Using AI-enabled tools exclusively to classify all types of security incidents
Correct answer: A
Explanation
The correct answer, A, highlights the role of AI in enhancing threat detection: by identifying subtle attack patterns, AI-enabled tools reduce false negatives, which is crucial for improving security posture. Options B and D suggest over-reliance on AI, which can mean losing the context and critical insights that human analysts provide. Option C, while beneficial for resource allocation, does not leverage AI's full potential in threat detection.