CISSP Question #812: Real Exam Question with Answer & Explanation
The correct answer is C: Periodic log reviews. Periodic log reviews are the primary mechanism for identifying operational issues, misconfigurations, and attacks by analyzing recorded system and network events over time.
Question
Which of the following activities BEST identifies operational problems, security misconfigurations, and malicious attacks?
Options
- A. Policy documentation review
- B. Authentication validation
- C. Periodic log reviews
- D. Interface testing
Explanation
Periodic log reviews are the primary mechanism for identifying operational issues, misconfigurations, and attacks by analyzing recorded system and network events over time.
Common mistakes.
- A. Policy documentation review assesses whether written policies are complete and up to date, but does not actively detect live operational problems, misconfigurations, or attacks occurring in the environment.
- B. Authentication validation verifies that authentication mechanisms are functioning correctly, but it is a narrow, targeted check that does not broadly identify security misconfigurations or malicious activity across systems.
- D. Interface testing evaluates the functionality and connectivity of network or application interfaces, but it is not designed to detect security misconfigurations or identify malicious attack patterns.
Concept tested. Log review for security monitoring and incident detection
Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-92.pdf