Certified Information Security Manager (CISM) — Question 381
An organization has identified an increased threat of external brute force attacks in its environment. Which of the following is the MOST effective way to mitigate this risk to the organization's critical systems?
Answer options
- A. Increase the frequency of log monitoring and analysis.
- B. Implement a security information and event management system (SIEM).
- C. Increase the sensitivity of intrusion detection systems.
- D. Implement multi-factor authentication.
Correct answer: D
Explanation
Implementing multi-factor authentication (MFA) significantly strengthens access control by requiring multiple forms of verification, so a password guessed through brute force is not enough on its own to gain access. Increasing log monitoring, using a SIEM, and enhancing intrusion detection systems can improve threat detection, but they do not directly prevent unauthorized access as effectively as MFA does.