
Exam CISM topic 1 question 20 discussion

Actual exam question from Isaca's CISM
Question #: 20
Topic #: 1

An information security team is investigating an alleged breach of an organization's network. Which of the following would be the BEST single source of evidence to review?

  • A. File integrity monitoring (FIM) software
  • B. Security information and event management (SIEM) tool
  • C. Intrusion detection system (IDS)
  • D. Antivirus software
Suggested Answer: B

Comments

mad68
Highly Voted 1 year, 6 months ago
Selected Answer: B
B. Security information and event management (SIEM) tool. According to ChatGPT: The BEST single source of evidence to review when investigating an alleged breach of an organization's network is the Security Information and Event Management (SIEM) tool. The SIEM tool collects and aggregates log data from various sources throughout the network, such as firewalls, intrusion detection systems, and servers. The data is then analyzed and correlated to identify potential security incidents or breaches.
upvoted 5 times
Broesweelies
Most Recent 1 month, 3 weeks ago
Selected Answer: B
B is correct
upvoted 2 times
CarlLimps
1 year, 9 months ago
Agree. ALSO - A, C, and D should have their logs being forwarded to the SIEM. SIEM for the win!
upvoted 1 times
Viperhunter
12 months ago
Selected Answer: B
A SIEM tool is designed to collect, analyze, and correlate logs and events from various sources within the network. It provides a comprehensive view of activities and potential security incidents, making it a valuable source of evidence during a breach investigation. SIEM tools can help identify patterns of behavior, anomalies, and potential indicators of compromise, allowing the security team to investigate and respond to security incidents effectively. While file integrity monitoring (FIM) software (option A), intrusion detection systems (IDS) (option C), and antivirus software (option D) are important components of a security infrastructure, a SIEM tool can centralize and analyze data from these and other sources, providing a more holistic view of the security landscape.
upvoted 2 times
richck102
1 year, 6 months ago
B. Security information and event management (SIEM) tool
upvoted 2 times
Antonivs
1 year, 10 months ago
C is interesting to review, but SIEM will have more info
upvoted 1 times