CISSP · Question #1225
CISSP Question #1225: Real Exam Question with Answer & Explanation
The correct answer is D: Implement and review risk-based alerts.. The best option to reduce overall risk in addition to quarterly access reviews is to implement and review risk-based alerts. Risk-based alerts are notifications that are triggered by predefined events or conditions that indicate a potential security breach or misuse of system res
Question
In a quarterly system access review, an active privileged account was discovered that did not exist in the prior review on the production system. The account was created one hour after the previous access review. Which of the following is the BEST option to reduce overall risk in addition to quarterly access reviews?
Options
- AIncrease logging levels.
- BImplement bi-annual reviews.
- CCreate policies for system access.
- DImplement and review risk-based alerts.
Explanation
The best option to reduce overall risk in addition to quarterly access reviews is to implement and review risk-based alerts. Risk-based alerts are notifications that are triggered by predefined events or conditions that indicate a potential security breach or misuse of system resources. For example, a risk-based alert could be generated when a privileged account is created, modified, or deleted, or when a privileged account performs an unusual or unauthorized activity. By implementing and reviewing risk-based alerts, the organization can detect and respond to suspicious or malicious actions involving privileged accounts in a timely manner, and prevent or minimize the impact of security incidents.
Topics
Community Discussion
No community discussion yet for this question.