Certified Information Security Manager (CISM) — Question 166

Which of the following would provide the GREATEST assurance to management that information security incidents will be detected and contained in a timely manner without jeopardizing the organization’s mission?

Answer options

• A. Network security penetration testing program
• B. Continuous vulnerability scanning solution
• C. Security information and event management (SIEM) system
• D. Fully operational security operations center (SOC)

Correct answer: D

Explanation

A fully operational security operations center (SOC) provides comprehensive monitoring and response capabilities, ensuring that incidents are detected and managed effectively. While the other options contribute to security, they do not offer the same level of real-time oversight and incident management that a SOC provides.