003-1246-001 [Based on CIS 502: Security Management] English MY LIBRARY MD ? Which is the most correct statement as to what it means to have a proactive approach with your information security risk management plans, programs, and systems? A O Being proactive means that you use the best knowledge you have today, including lessons learned from other organizations' experience with information risk; and you plan ahead to deal with them, rather than wait for them to occur and then investigate how to respond to them. D B O Proactive information security systems allow your security specialists to take real-time control of all system elements, and bring all information about events of interest into one common operational picture. This greatly enhances your ability to detect, characterize, and contain incidents. C C O Senior leaders and managers in many businesses appreciate active- thoughtful, forward-looking approaches, and you will find it easier to gain their support. B D O Being proactive means that your countermeasures and controls can actively trace back to identify, locate, and characterize your attackers, which can help you both in defending against them and in potentially seeking legal redress. A