The IS auditor’s PRIMARY concern should be that:
An organization has been recently downsized, in light of this, an IS auditor decides to test logical
access controls. The IS auditor’s PRIMARY concern should be that:
From a control perspective, the PRIMARY objective of cl…
From a control perspective, the PRIMARY objective of classifying information assets is to:
which is the BEST control against this risk?
An IS auditor examining a biometric user authentication system establishes the existence of a
control weakness that would allow an unauthorized individual to update the centralized database
on the server that is used to store biometric templates. Ofthe following, which is the BEST control
against this risk?
For a discretionary access control to be effective, it must:
For a discretionary access control to be effective, it must:
Which of the following BEST restricts users to those fu…
Which of the following BEST restricts users to those functions needed to perform their duties?
Which of the following is a general operating system ac…
Which of the following is a general operating system access control function?
Which of the following presents an inherent risk with n…
Which of the following presents an inherent risk with no distinct identifiable preventive controls?
which of the following attack methods?
The information security policy that states ‘each individual must have their badge read at every
controlled door’ addresses which of the following attack methods?
which of the following technologies?
An IS auditor reviewing digital rights management (DRM) applications should expect to find an
extensive use for which of the following technologies?
The IS auditor’s main concern should be that:
An IS auditor has identified the lack of an authorization process for users of an application.
The IS auditor’s main concern should be that: