A large financial institution has implemented multiple new security controls. The security team wants to remain informed of suspicious activity, with alerts triggered whenever unusual events are detected. Which approach best supports this objective?
Implement automated event correlation for anomaly detection
Conduct periodic manual system checks to identify anomalies
Arrange assessments conducted by external reviewers
Automating the correlation of events allows warnings to be generated while data is captured, providing the flexibility to identify and respond to threats. Delaying analysis or relying on sporadic checks can miss emerging risks. Scheduling assessments by external reviewers also does not uncover threats fast enough to support ongoing visibility.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is event correlation in cybersecurity?
Open an interactive chat with Bash
How does anomaly detection work in automated systems?
Open an interactive chat with Bash
Why is retrospective analysis less effective for threat detection?