4 votes
As part of the Security Monitoring guidelines presented in the FFIEC's Information Technology Examination Handbook for Information Security, an examiner would look for certain steps that should have been taken by the organization. Essentially, the examiner is looking to gain assurance that the organization has an adequate risk mitigation strategy in place with respect to keeping information secure. Which of the following steps in an organization's security monitoring process would provide the examiner with the assurance?

1. Respond to intrusions and other security events and weaknesses to mitigate risk to the organization and its customers, and to restore systems.
2. Monitor network and host activity to identify policy violations and anomalous behavior.
3. Monitor host and network conditions to identify authorized access and other conditions that decrease the risk of intrusion or other security events.
4. Analyze results of monitoring to identify, classify, escalate, report, and guide responses to security events.

a. 1, 2, 3, & 4
b. 2 & 3
c. 1, 2, & 4
d. 1, 3, & 4

by User Finbar (8.1k points)

1 Answer

4 votes

Final answer:

The steps in an organization's security monitoring process that provide assurance to the examiner are: responding to security events, monitoring network and host activity, monitoring host and network conditions, and analyzing results of monitoring. The correct answer is d.

Step-by-step explanation:

The correct answer is d. 1, 3, & 4. These steps in an organization's security monitoring process would provide the examiner with assurance that the organization has an adequate risk mitigation strategy in place:

  1. Respond to intrusions and other security events and weaknesses to mitigate risk to the organization and its customers, and to restore systems.
  2. Monitor host and network conditions to identify authorized access and other conditions that decrease the risk of intrusion or other security events.
  3. Analyze results of monitoring to identify, classify, escalate, report, and guide responses to security events.

These steps demonstrate a comprehensive approach to security monitoring, addressing the identification, response, and analysis of security events and weaknesses.

by User Aaron McGuire (9.5k points)