Certified Information Security Manager (CISM) — Question 4
Which of the following BEST enables successful identification of a potential IT security incident?
Answer options
- A. Configuration management standards
- B. Event correlation
- C. Network intrusion detection systems (NIDS)
- D. File integrity monitoring
Correct answer: B
Explanation
Event correlation is essential for identifying potential security incidents as it analyzes and correlates data from various sources to detect patterns indicative of threats. The other options, while important for security, do not focus specifically on correlating events to identify incidents, making them less effective for this purpose.