Management has decided that a core application will be used on personal cellular phones. As an implementation requirement, regularly scheduled analysis of the security posture needs to be conducted.
Management has also directed that continuous monitoring be implemented. Which of the following is required to accomplish management's directive?
Correct Answer: C
To accomplish management's directive of conducting regularly scheduled analysis of the security posture and implementing continuous monitoring of a core application used on personal cellular phones, the organization needs to have an enterprise-level security information and event management (SIEM) dashboard that provides full visibility of cellular phone activity. A SIEM dashboard is a tool that collects, correlates, analyzes, and displays security data from various sources, such as logs, alerts, events, and network traffic. A SIEM dashboard can help the organization to monitor the security status of the application, detect and respond to incidents, generate reports, and comply with regulations. A SIEM dashboard can also integrate with other security tools, such as intrusion detection and prevention systems (IDS/IPS), firewalls, antivirus, and vulnerability scanners, to provide a comprehensive view of the security posture. A SIEM dashboard is more effective and efficient than relying on manual analysis or reports from the user's cellular phone provider, which may not be timely, accurate, or complete. A SIEM dashboard also does not require strict integration of application management, configuration management, and phone management, which may be difficult or impractical to achieve for personal cellular phones. A management application installed on user phones that tracks all application events and cellular traffic may not be sufficient to provide full visibility of cellular phone activity, as it may not capture all the relevant security data or communicate with the central security system.
References: Official (ISC)2 CISSP CBK Reference, Fifth Edition, Domain 7, Security Operations, page
699. CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, Security Operations, page 663.