Question
Which is the MOST important to enable a timely response to a security breach? A. Knowledge sharing and collaboration B. Security event logging C. Roles
Which is the MOST important to enable a timely response to a security breach?
A. Knowledge sharing and collaboration
B. Security event logging
C. Roles and responsibilities
D. Forensic analysis
Correct Answer: B???? or C?????
______________________
Note
The official answer (could be incorrect because NO comes from ISACA!) is: "B. Security event logging".
Other experts claim that the correct answer is: "C. Roles and responsibilities".
This question, in my opinion, is unclear because: B. Security event logging = is the correct answer if the context requested by the question is at an operational level, then SIEM, in this case, is very useful in fact thanks to SIEM the response to the incident at the operational level will be more efficient C. Roles and responsibilities = is the correct answer if the context to which the question refers is the incident response plan (IRP), then it is evident that having an IRP that clarifies "who does what" (roles and responsibilities) then the response to the incident will be more efficient.
Your expert opinion (and explanation) is strongly requested. Many thanks in advance.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started