Question: Which is the MOST important to enable a timely response to a security breach? A. Knowledge sharing and collaboration B. Security event logging C. Roles

Which is the MOST important to enable a timely response to a security breach?

A. Knowledge sharing and collaboration

B. Security event logging

C. Roles and responsibilities

D. Forensic analysis

Correct Answer: B???? or C?????

______________________

Note

The official answer (could be incorrect because NO comes from ISACA!) is: "B. Security event logging".

Other experts claim that the correct answer is: "C. Roles and responsibilities".

This question, in my opinion, is unclear because: B. Security event logging = is the correct answer if the context requested by the question is at an operational level, then SIEM, in this case, is very useful in fact thanks to SIEM the response to the incident at the operational level will be more efficient C. Roles and responsibilities = is the correct answer if the context to which the question refers is the incident response plan (IRP), then it is evident that having an IRP that clarifies "who does what" (roles and responsibilities) then the response to the incident will be more efficient.

Your expert opinion (and explanation) is strongly requested. Many thanks in advance.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

ISSUES IN ACCOUNTING EDUCATION Vol. 26, No. 3 2011 pp. 521-545 American Accounting Association DOI: 10.2308/iace-50031 Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with...

Q:

Who is chief knowledge officer? What the primary role? A senior executive in an organization responsible for ensuring that firm fully utilizes the value it gets through knowledge- which is the most...

Q:

Question: It is a common case that institutions to collect and store the personal data of staff and students from around the world, what are the additional considerations for Personally Identifiable...

Q:

Course Summary IS-100.b - Intro to Incident Command System (ICS 100) Lesson 1: Course Welcome & ICS Overview Course Goal The overall course goal is to promote effective response by: Familiarizing you...

Q:

Can you review the comprehensive implementation plan and support in making it a better version? Contents 1. Executive Summary 3 2. Introduction 3 Overview of Riverside Health Network 3 Current...

Q:

Hospital emergency response checklist An all-hazards tool for hospital administrators and emergency managers Supported by The European Commission Health Programme 2008-2013 Together for Health...

Q:

Please see attached file and answer (1-2 pages) the following questions: - What is the structure of this industry? - Who are the primary players? - What external risks does the industry face? Table...

Q:

ITM 309: Business Information Technology and Systems Spring 2016 Watson and the new era of cognitive systems Jerry Haan IBM Cloud Ecosystem Development January 27, 2016 2013 International Business...

Q:

1-2 pages of five supply chain lessons learned from the Boeing case. Each lesson can be in a short paragraph. Managing New Product Development and Supply Chain Risks: The Boeing 787 Case The 787...

Q:

Q. The purpose of this assignment is to explain a final project management plan and retrospective based upon the IT project management activities students have been developing throughout the course....

Q:

4. The colon (:) operator and linspace function are used in MATLAB to create linearly spaced vectors. Observe the results of the example provided using these two methods. Then, generate the vectors...

Q:

The following is a list of terms related to performance evaluation. (1) Balanced scorecard (2) Variance (3) Learning and growth perspective (4) Nonfinancial measures (5) Customer perspective (6)...

Q:

? * * Which of the following formulas is INCORRECT? A . earnings growth rate = retention rate return on new investment B . Div ? t = E P S t Dividend Payout Rate C . P N = ( r E - g ) Div ? N 1 D . r...

Q:

5. Develop a scenario comparing two PH programs and involving the use of a CBA.

Q:

1. The International Labour Organization. The International Labour Organization (ILO) has established labor standards for 150 countries represented by the organization. Locate the Web site for the...

Q:

9. Assess the strategy of Wal-Mart in China where the company has recognized unions in all 62 stores, to its strategy in the United States, which is to combat any type of union representation.

Q:

5. Although multinational corporations seem to be growing in size and influence, what must occur before transnational collective bargaining can be effectively carried out?