Certified in Risk and Information Systems Control (CRISC) — Question 419
Which of the following would BEST help to ensure that suspicious network activity is identified?
Answer options
- A. Analyzing server logs
- B. Coordinating events with appropriate agencies
- C. Analyzing intrusion detection system (IDS) logs
- D. Using a third-party monitoring provider
Correct answer: C
Explanation
The correct answer is C, because an intrusion detection system (IDS) is specifically designed to identify unusual or malicious network behavior, so its logs are the place to look for it. While analyzing server logs (A) can provide some insights, IDS logs are more focused on security threats. Coordinating with agencies (B) and using a third-party provider (D) may help in broader contexts but do not directly pinpoint suspicious activities.