An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor’s BEST recommendation would be to:
A. recruit more monitoring personnel.
B. fine-tune the intrusion detection system (IDS).
C. reduce the firewall rules.
D. establish criteria for reviewing alerts.