Certified Information Security Manager (CISM) — Question 5

When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?

Answer options

• A. Audit reports
• B. Access logs
• C. Access lists
• D. Threat metrics

Correct answer: B

Explanation

Access logs are crucial for monitoring user activity and identifying potential security breaches, making them the most frequently reviewed item. While audit reports and threat metrics are important, they are typically analyzed less frequently than access logs, and access lists are more about permissions rather than security monitoring.