Security monitoring mechanisms should PRIMARILY:
A.
focus on business-critical information.
B.
assist owners to manage control risks.
C.
focus on detecting network intrusions.
D.
record all security violations.
Explanation:
Security monitoring must focus on business-critical information to remain effectively usable by and
credible to business users. Control risk is the possibility that controls would not detect an incident
or error condition, and therefore is not a correct answer because monitoring would not directly
assist in managing this risk. Network intrusions are not the only focus of monitoring mechanisms;
although they should record all security violations, this is not the primary objective.