Certified Information Security Manager (CISM) — Question 67

An organization wants to enable digital forensics for a business-critical application. Which of the following will BEST help to support this objective?

Answer options

• A. Install biometric access control.
• B. Develop an incident response plan.
• C. Define data retention criteria.
• D. Enable activity logging.

Correct answer: D

Explanation

Enabling activity logging is essential for digital forensics as it allows for the recording of actions and events that occur within the application, providing critical data for investigations. The other options, while important for security and incident management, do not directly contribute to the collection of evidence needed for forensic analysis.