Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which CIS security control is utilized to accumulate event records to help identify incidents?

  1. Account management

  2. Inventory and control of enterprise asset

  3. Data recovery

  4. Audit log management

The correct answer is: Audit log management

The correct choice is Audit log management. This control is critical in the field of cybersecurity, as it focuses specifically on the collection, review, and analysis of event records that are generated by various systems and applications within an organization. By managing audit logs effectively, organizations can maintain a comprehensive record of events, which serves as a valuable resource for identifying potential security incidents or unauthorized activities. Audit logs provide insight into user access, system changes, and access to sensitive information, making it easier to detect anomalies and patterns that may indicate a security breach. Furthermore, having a robust audit log management policy in place supports compliance with regulations and frameworks that require the retention and analysis of log data for security monitoring and incident response purposes. This proactive approach enhances an organization’s ability to respond swiftly and effectively to incidents when they occur.

More Questions Like This