Certified Information Security Manager (CISM) — Question 1160
An organization is concerned with the potential for exploitation of vulnerabilities in its server systems. Which of the following is the BEST control to mitigate the associated risk?
Answer options
- A. Enforcing standard system configurations based on secure configuration benchmarks
- B. Implementing network and system-based anomaly monitoring software for server systems
- C. Enforcing configurations for secure logging and audit trails on server systems
- D. Implementing host-based intrusion detection systems (IDS) on server systems
Correct answer: A
Explanation
The best control to reduce the risk of exploitation is to enforce standard system configurations based on secure configuration benchmarks, because this directly addresses vulnerabilities by ensuring servers are set up securely from the start. Anomaly monitoring, secure logging, and host-based IDS are important, but they are reactive measures that do not prevent the initial configuration vulnerabilities the organization is concerned about.