Free ISC2 SSCP Actual Exam Questions - Question 1 Discussion

Maybe D, since reviewing audit records is about identifying breaches after they occur, not stopping them beforehand like prevention or avoidance would. It’s definitely about spotting issues rather than deterring or preventing them.

Maybe D because reviewing audit logs is about catching things that already happened, not stopping them before they occur. Prevention would be more like blocking access or setting up firewalls. Deterrence is about discouraging bad behavior, which doesn’t quite fit with just reviewing records. Avoidance seems too extreme since you’re not avoiding risk, but actually looking for signs of problems. So detection makes the most sense here since you’re identifying issues through those audits.

D/C? I’m with detection on this one since reviewing audit logs is about finding incidents after they happen. Prevention would be more like setting controls so bad stuff can’t happen in the first place. Avoidance sounds like completely steering clear of risk, which doesn’t fit here. The “timely” part just means you’re not waiting too long to catch problems, but it’s still detecting, not preventing.

D imo, because reviewing audit records is about spotting issues after the fact. A feels off since you’re not avoiding directly, and B’s more about discouraging bad actions upfront.