Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CISSP Exam - Topic 2 Question 95 Discussion

Actual exam question for ISC2's CISSP exam
Question #: 95
Topic #: 2
[All CISSP Questions]

A continuous information security-monitoring program can BEST reduce risk through which of the following?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Janna at Aug 06, 2024, 06:45 AM

Limited Time Offer

25%

Off

Get Premium CISSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Patrick
4 months ago
Wait, can a program really reduce risk that much? Sounds too good to be true!
upvoted 0 times
...
Micah
5 months ago
D seems too narrow. Logging changes alone won't cut it.
upvoted 0 times
...
Susana
5 months ago
B sounds good, but how do we ensure visibility without overloading?
upvoted 0 times
...
Franklyn
5 months ago
I think C is just as important. People and processes matter!
upvoted 0 times
...
Alison
5 months ago
A is definitely the best choice! Identifying anomalies is key.
upvoted 0 times
...
Truman
6 months ago
I practiced a similar question where visibility into user accounts was key. I wonder if option B might be the right choice here.
upvoted 0 times
...
Jeffrey
6 months ago
I feel like logging changes is important too, but I can't recall if it's the most effective way to reduce risk compared to the other options.
upvoted 0 times
...
Truman
6 months ago
I think option C about encompassing people, process, and technology sounds familiar. It seems like a holistic approach to risk reduction.
upvoted 0 times
...
Edelmira
6 months ago
I remember we discussed the importance of collecting security events to spot anomalies, but I'm not sure if that's the best option here.
upvoted 0 times
...
Tammi
6 months ago
I'm a bit confused by the wording of the question. Are they looking for the single BEST approach, or are there multiple valid ways to reduce risk through continuous monitoring? I'll need to think this through carefully.
upvoted 0 times
...
Ligia
6 months ago
Ah, this is right up my alley. A continuous monitoring program needs to cover people, processes, and technology to effectively reduce risk. I'll make sure to highlight that in my answer.
upvoted 0 times
...
Ressie
6 months ago
Hmm, this is a tricky one. I'm not sure if I should focus on the technical aspects or the broader program elements. Maybe I'll review the options carefully and see if I can identify the BEST approach.
upvoted 0 times
...
Demetra
6 months ago
This looks like a straightforward question about security monitoring. I'll focus on the key elements of a continuous monitoring program - collecting events, correlating them for anomalies, and providing visibility into critical activities.
upvoted 0 times
...
Earleen
6 months ago
Hmm, this is a tricky one. I'll need to think through the different elements of pay and how the concerns and needs of employees at varying levels might differ.
upvoted 0 times
...
Elina
11 months ago
Continuous monitoring is like a seatbelt for your cybersecurity - it may not be the most exciting feature, but it could save your network in a crash.
upvoted 0 times
...
Juliann
11 months ago
Wait, they're not asking about the best way to monitor the office prankster's activities? I'm disappointed.
upvoted 0 times
Bette
10 months ago
D) Logging both scheduled and unscheduled system changes
upvoted 0 times
...
Kristofer
10 months ago
C) Encompassing people, process, and technology
upvoted 0 times
...
Geoffrey
10 months ago
B) Facilitating system-wide visibility into the activities of critical user accounts
upvoted 0 times
...
Nydia
10 months ago
A) Collecting security events and correlating them to identify anomalies
upvoted 0 times
...
...
Mari
11 months ago
Option B is important, but it's just one piece of the puzzle. We need visibility across the entire system.
upvoted 0 times
Brittni
9 months ago
D) Logging both scheduled and unscheduled system changes
upvoted 0 times
...
Lynelle
10 months ago
C) Encompassing people, process, and technology
upvoted 0 times
...
Tarra
10 months ago
A) Collecting security events and correlating them to identify anomalies
upvoted 0 times
...
...
Sabra
12 months ago
The ability to correlate security events and detect anomalies in Option A is also crucial for risk reduction.
upvoted 0 times
Arthur
10 months ago
C) Encompassing people, process, and technology
upvoted 0 times
...
Winfred
10 months ago
B) Facilitating system-wide visibility into the activities of critical user accounts
upvoted 0 times
...
Reyes
10 months ago
A) Collecting security events and correlating them to identify anomalies
upvoted 0 times
...
...
Kate
1 year ago
I agree, a holistic view of people, process, and technology is key for effective security monitoring.
upvoted 0 times
Lauryn
11 months ago
C) Encompassing people, process, and technology
upvoted 0 times
...
Danilo
11 months ago
A) Collecting security events and correlating them to identify anomalies
upvoted 0 times
...
Aleshia
11 months ago
C) Encompassing people, process, and technology
upvoted 0 times
...
Regenia
11 months ago
B) Facilitating system-wide visibility into the activities of critical user accounts
upvoted 0 times
...
Nina
12 months ago
A) Collecting security events and correlating them to identify anomalies
upvoted 0 times
...
...
Kallie
1 year ago
I see your point, Viola. But I still think B is the best option. Having system-wide visibility into critical user accounts is crucial for reducing risk.
upvoted 0 times
...
Goldie
1 year ago
Option C seems the most comprehensive approach to reducing risk through continuous security monitoring.
upvoted 0 times
...
Viola
1 year ago
I disagree, I believe the answer is C. Including people, process, and technology covers all bases.
upvoted 0 times
...
Eleonore
1 year ago
I think the answer is A, because correlating security events can help identify anomalies.
upvoted 0 times
...

Save Cancel