Which of the following metrics would be the MOST useful in measuring how well information
security is monitoring violation logs?
A.
Penetration attempts investigated
B.
Violation log reports produced
C.
Violation log entries
D.
Frequency of corrective actions taken
Explanation:
The most useful metric is one that measures the degree to which complete follow-through has
taken place. The quantity of reports, entries on reports and the frequency of corrective actions are
not indicative of whether or not investigative action was taken.