Certified Information Security Manager (CISM) — Question 298

Which of the following is the MOST effective way to detect security incidents?

Answer options

• A. Analyze penetration test results
• B. Analyze security anomalies
• C. Analyze recent security risk assessments
• D. Analyze vulnerability assessments

Correct answer: B

Explanation

The correct answer is B, as analyzing security anomalies allows for the detection of unusual patterns that may indicate a security incident. Options A, C, and D are valuable for understanding security posture but do not directly identify incidents in real-time like anomaly detection does.