CISM - Incident Management - Section 4.7
Deploy and operate incident management tools and techniques to detect, analyse and respond to security events.
Deploy and operate incident management tools including SIEM for centralised log analysis and event correlation, SOAR for automated response orchestration, and forensic tools for evidence collection and analysis. Choose and configure these tools to support the full incident detection and response lifecycle from initial alert through containment.
SIEM, SOAR, Forensic tools, Incident detection
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.