Certified Information Systems Auditor Practice Exam

The answer involving the regular review of audit logs is correct because this process is essential for identifying patterns or anomalies that may indicate unauthorized access attempts or potential security breaches. Regular reviews enhance the ability to detect repeated failed login attempts, which could signify a brute force attack or an effort to compromise user accounts.

In the context of a financial system, where the security of sensitive information is paramount, analyzing logs allows IT security teams to respond promptly to suspicious activities. Regular audits provide insights into access patterns, contribute to incident response readiness, and help in compliance with regulatory requirements regarding monitoring and logging.

The other aspects, although important, do not directly address the proactive response to failed login attempts. Retention of logs for a year ensures data is available for analysis but does not imply that the analysis will occur. Automatic generation of logs is necessary for logging any activity, but without regular review, the logs may go unexamined, failing to protect the system effectively. Alerting the IT security team can be beneficial, yet without consistent reviews of the logs, many incidents could be missed before escalation. Regular review stands out as the most critical component in the context of proactive security management for financial systems.