ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 449 discussion

Actual exam question from Isaca's CISM
Question #: 449
Topic #: 1
[All CISM Questions]

An information security manager wants to implement a security information and event management (SIEM) system that will aggregate log data from all systems that control perimeter access. Which of the following would BEST support the business case for this initiative to senior management?

  • A. Industry examples of threats detected using a SIEM system
  • B. Alignment with industry best practices
  • C. Independent evidence of a SIEM system's ability to reduce risk
  • D. Metrics related to the number of systems to be consolidated
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by mad68 at May 13, 2023, 9:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
oluchecpoint
10 months ago
Selected Answer: C
C. Independent evidence of a SIEM system's ability to reduce risk: This option provides concrete evidence that SIEM systems have been effective in reducing risk in real-world scenarios. It carries more weight because it's not just theoretical or based on examples but is supported by actual data and studies.
upvoted 2 times
...
richck102
1 year ago
C. Independent evidence of a SIEM system's ability to reduce risk
upvoted 1 times
...
mad68
1 year, 1 month ago
Selected Answer: C
C. Independent evidence of a SIEM system's ability to reduce risk ISACA places emphasis on the importance of evidence-based decision-making and demonstrating the ability of security initiatives to reduce risk. Providing independent evidence of a SIEM system's effectiveness in reducing risk would be a strong argument to support the business case for implementing such a system. This evidence could include reports, studies, or assessments from trusted sources that highlight the positive impact of SIEM systems in enhancing security and mitigating threats.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel