Isaca Exam CRISC Topic 9 Question 72 Discussion

Actual exam question for Isaca's CRISC exam

Question #: 72
Topic #: 9

During implementation of an intrusion detection system (IDS) to monitor network traffic, a high number of alerts is reported. The risk practitioner should recommend to:

Areset the alert threshold based on peak traffic

Banalyze the traffic to minimize the false negatives

Canalyze the alerts to minimize the false positives

Dsniff the traffic using a network analyzer

Show Suggested Answer

Suggested Answer: D

by Isadora at Apr 24, 2024, 01:22 PM

Limited Time Offer

25%

Off

Get Premium CRISC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rosendo

1 months ago

Ah, the classic 'reset and hope for the best' approach. Better hope the network gremlins don't come back with a vengeance!

upvoted 0 times

Aleshia

20 hours ago

Consider adjusting the sensitivity of the IDS

upvoted 0 times

...

Jess

2 days ago

Investigate the root cause of the alerts

upvoted 0 times

...

Idella

17 days ago

Ignore the alerts and hope for the best

upvoted 0 times

...

Ozell

2 months ago

Minimize false negatives, eh? Sounds like we need to find that sweet spot between catching all the bad guys and not drowning in a sea of alerts. Careful not to fall for the 'more is better' trap!

upvoted 0 times

Ryann

11 days ago

Maybe we can also consider implementing machine learning algorithms to help filter out the noise and improve the accuracy of alerts.

upvoted 0 times

...

Adelaide

1 months ago

I think we should focus on tuning the IDS to reduce false positives and prioritize alerts based on severity.

upvoted 0 times

...

Roy

1 months ago

Agreed, we definitely need to balance between catching real threats and not getting overwhelmed with false alarms.

upvoted 0 times

...

Leonardo

2 months ago

Sniff the traffic with a network analyzer? Ooh, now we're getting technical! I bet that'll give us a whole new perspective on what's going on.

upvoted 0 times

...

Dyan

2 months ago

False positives, huh? Time to put on our detective hats and figure out what's triggering all those alerts. Gotta keep that IDS running smoothly!

upvoted 0 times

Marquetta

18 days ago

It's important to regularly update the IDS signatures to ensure it's detecting the latest threats accurately.

upvoted 0 times

...

Torie

26 days ago

Maybe we should consider tuning the IDS to focus on specific types of traffic to minimize false positives.

upvoted 0 times

...

Anabel

1 months ago

We could also adjust the sensitivity levels of the IDS to reduce the number of alerts.

upvoted 0 times

...

Celestine

2 months ago

Let's start by reviewing the IDS configuration to see if there are any rules causing false positives.

upvoted 0 times

...

Nobuko

2 months ago

I would also consider B) analyze the traffic to minimize the false negatives. We need to ensure we're not missing any real threats.

upvoted 0 times

...

Harley

2 months ago

I agree with Rebecka. It's important to reduce false positives to focus on real threats.

upvoted 0 times

...

Rebecka

2 months ago

I think the answer is C) analyze the alerts to minimize the false positives.

upvoted 0 times

...

Hortencia

2 months ago

Resetting the alert threshold? Sounds like a quick fix, but I'm not sure that's the best long-term solution. Gotta dig deeper and analyze that traffic!

upvoted 0 times