CISM Certified Information Security Manager – Question0791

An information security team is investigating an alleged breach of an organization’s network. Which of the following would be the BEST single source of evidence to review?

A.
Intrusion detection system
B. SIEM tool
C. Antivirus software
D. File integrity monitoring software

Correct Answer: B