Certified Information Systems Auditor (CISA) — Question 1287

Which of the following is the MOST effective way for an IS auditor to evaluate whether an organization is well positioned to defend against an advanced persistent threat (APT)?

Answer options

• A. Verify that the organization has adequate levels of cyber insurance.
• B. Review the validity of external Internet Protocol (IP) addresses accessing the network.
• C. Verify that the organization is using correlated data for security monitoring.
• D. Assess the skill set with in the security function.

Correct answer: C

Explanation

The correct answer, C, highlights the importance of using correlated data for security monitoring, which is crucial in identifying and responding to APTs. Options A and B focus on insurance and external traffic validation, which do not directly address preparedness against APTs. Option D, while relevant, does not specifically relate to the effectiveness of security monitoring strategies.