Certified Information Systems Auditor (CISA) — Question 869

Which of the following is MOST important for the effective implementation of an intrusion detection system (IDS)?

Answer options

• A. Providing logs for monitoring and reporting
• B. Configuring the security policy in line with best practice
• C. Setting alarms for late night traffic
• D. Auto-installing updates

Correct answer: B

Explanation

The correct answer is B because a well-configured security policy that follows best practices is essential for an effective IDS implementation, ensuring it can accurately detect and respond to threats. The other options, while important, do not directly influence the foundational setup and effectiveness of the IDS in the same way that a solid security policy does.