Certified Information Systems Auditor (CISA) — Question 1200

Which of the following is the PRIMARY advantage of using an automated security log monitoring tool instead of conducting a manual review to monitor the use of privileged access?

Answer options

• A. Ease of log retrieval for audit purposes
• B. Ease of storing and maintaining log file
• C. Reduced costs associated with automating the review
• D. Increased likelihood of detecting suspicious activity

Correct answer: D

Explanation

The correct answer, D, highlights that automated tools enhance the detection of suspicious activities due to their ability to analyze logs continuously and comprehensively. In contrast, options A, B, and C, while they mention valid aspects of log management, do not address the primary advantage of improved detection capabilities that automation provides.