Certified Information Security Manager (CISM) — Question 1109

An information security manager has been tasked with implementing a security solution that provides insight into potential security incidents Which of the following BEST supports this activity?

Answer options

• A. Intrusion detection system (IDS)
• B. Security information and event management (SIEM)
• C. Data loss prevention system (DLP)
• D. User behavior analytics

Correct answer: B

Explanation

The correct answer is B, Security information and event management (SIEM), as it aggregates and analyzes security data to provide insights into potential incidents. Option A, Intrusion detection system (IDS), primarily focuses on detecting threats rather than providing a comprehensive view of security events. Option C, Data loss prevention system (DLP), is designed to prevent data breaches but does not provide insight into security incidents. Option D, User behavior analytics, analyzes user behavior but does not offer a broad overview of security events like SIEM does.