CISA QUESTION #6857
Question 1
An auditor evaluates network monitoring and finds that Intrusion Detection Systems (IDS) generate thousands of alerts daily but security staff only review critical alerts. Other alerts are ignored due to volume. What is the PRIMARY security risk?
  • Alert fatigue
  • Actual attacks hidden in ignored alerts may go undetected ✔️
  • Insufficient staffing
  • Poor IDS configuration
Correct Answer Explanation
High-volume, low-quality alerting causes security teams to ignore alerts, creating an environment where real attacks are missed in the noise. While the root cause is poor IDS tuning, the immediate risk is that actual security incidents are occurring but going undetected because they are lost among false positives or lower-severity alerts that are not reviewed.