Which of the following is the MOST effective way for an IS auditor to evaluate whether an organization is well positioned to defend against an advanced persistent threat (APT)?
A. Verify that the organization has adequate levels of cyber insurance.
B. Review the validity of external Internet Protocol (IP) addresses accessing the network.
C. Verify that the organization is using correlated data for security monitoring.
D. Assess the skill set within the security function.
Correlation of Events: The true value of SIEM/UEBA solutions lies in their ability to correlate seemingly unrelated security events in real-time. This correlation identifies patterns, trends, and relationships between different activities that could indicate a coordinated attack or unusual user behavior. By connecting the dots, security analysts gain valuable insights into the attack's nature and can respond more effectively.
C. Verify that the organization is using correlated data for security monitoring.
upvoted 1 times
MIMIBAK
1 month, 1 week ago
Changwha
3 months ago