nerdexam
(ISC)2

CISSP · Question #1013

Which of the following is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions?

The correct answer is D. Information Security Continuous Monitoring (ISCM). Information Security Continuous Monitoring (ISCM) is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. ISCM is a process that collects, analyzes, and reports on the secu

Submitted by helene.fr· Mar 5, 2026Security Operations

Question

Which of the following is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions?

Options

  • AInformation Security Management System (ISMS)
  • BInformation Sharing & Analysis Centers (ISAC)
  • CRisk Management Framework (RMF)
  • DInformation Security Continuous Monitoring (ISCM)

How the community answered

(62 responses)
  • A
    2% (1)
  • B
    5% (3)
  • C
    3% (2)
  • D
    90% (56)

Explanation

Information Security Continuous Monitoring (ISCM) is a term used to describe maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. ISCM is a process that collects, analyzes, and reports on the security status and performance of an organization's information systems and networks, using automated or manual tools and techniques. ISCM can help to identify and prioritize the security risks, gaps, and weaknesses, and to implement and evaluate the security controls and measures, in alignment with the organization's security objectives and policies. ISCM can also help to comply with the legal and regulatory requirements, and to respond to the changing threat landscape and business environment.

Topics

#continuous monitoring#ISCM#risk management#threat intelligence

Community Discussion

No community discussion yet for this question.

Full CISSP Practice