Learn how implementing a SIEM system as a detective control strengthens your organization’s ability to identify and respond to security incidents effectively.
Question
Which type of control has been established when an organization implements a security information and event management (SIEM) system?
A. Preventive
B. Detective
C. Directive
D. Corrective
Answer
B. Detective
Explanation
A SIEM system’s primary function is to detect and alert on suspicious activity within an organization’s IT infrastructure, making it a detective control.
- Preventive controls aim to avert security incidents before they occur (e.g., firewalls, access controls).
- Detective controls identify and alert on security incidents after they have happened (e.g., intrusion detection systems, SIEM).
- Directive controls guide employees towards secure behaviors (e.g., security policies, awareness training).
- Corrective controls mitigate the impact of security incidents after they occur (e.g., incident response plans, backups).
This is a practice question and answer, with a detailed explanation, for the ISACA Certified Information Systems Auditor (CISA) certification exam.