(ISC)2(ISC)2
CISSP · Question #308
CISSP Question #308: Real Exam Question with Answer & Explanation
Sign in or unlock CISSP to reveal the answer and full explanation for question #308. The question stem and answer options stay visible for context.
Submitted by alyssa_d· Mar 5, 2026Security Operations
Question
Which of the following sets of controls should allow an investigation if an attack is not blocked by preventive controls or detected by monitoring?
Options
- ALogging and audit trail controls to enable forensic analysis
- BSecurity incident response lessons learned procedures
- CSecurity event alert triage done by analysts using a Security Information and Event Management
- DTransactional controls focused on fraud prevention
Unlock CISSP to see the answer
You've previewed enough free CISSP questions. Unlock CISSP for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#incident investigation#forensic analysis#logging#audit trails