CISA Certified Information Systems Auditor – Question0804

Which of the following is a detective control that can be used to uncover unauthorized access to information systems?

A.
Requiring long and complex passwords for system access
B. Implementing a security information and event management (SIEM) system
C. Requiring internal audit to perform periodic reviews of system access logs
D. Protecting access to the data center with multifactor authentication

Correct Answer: B