Certified Information Systems Auditor (CISA) — Question 463

Which of the following is MOST effective in detecting an intrusion attempt?

Answer options

• A. Using packet filter software
• B. Using smart cards with one-time passwords
• C. Installing biometrics-based authentication
• D. Analyzing system logs

Correct answer: D

Explanation

Analyzing system logs is the most effective way to detect intrusion attempts as it allows for the identification of unusual patterns or unauthorized access events. The other options, while useful for security, do not provide direct insights into ongoing or past intrusion attempts like log analysis does.