To enhance incident detection, a company is configuring their monitoring system to manage the alarm process effectively. Which of the following options is the MOST effective method for ensuring that critical alarms are received and addressed immediately by the appropriate personnel?
Implement an automated ticketing system where alarms trigger the creation of investigation tickets.
Instruct the team to conduct daily audit log reviews for security-related events.
Adjust the threshold for notification to reduce the volume of alarms triggered.
Send alarm notifications to mobile devices or a messaging app used by the cybersecurity team.
The most effective method to ensure that critical alarms are not missed and are responded to promptly is to have them sent directly to a dedicated communication channel for the cybersecurity team. This could include push notifications on their phones or messaging apps specifically designated for immediate cybersecurity alerts. Adjusting the notification parameters to reduce noise would not be as effective without a direct line of communication. Scheduling daily reviews of logs could lead to delays in response time, which can be detrimental in case of an emergency response. Lastly, setting up an automated ticketing system adds unnecessary delay in a situation that may require an immediate reaction.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What types of dedicated communication channels can be used for receiving alarms?
Open an interactive chat with Bash
Why is adjusting the threshold for notification considered less effective?
Open an interactive chat with Bash
How can automated ticketing systems be useful in incident response?