CISA Certified Information Systems Auditor – Question1201

Which of the following is the BEST way to increase the effectiveness of security incident detection?

A.
Determining containment activities based on the type of incident
B. Establishing service level agreements (SLAs) with appropriate forensic service providers
C. Educating end users on identifying suspicious activity
D. Documenting root cause analysis procedures

Correct Answer: D