Which of the following provides the framework for desig…
Which of the following provides the framework for designing and developing logical access controls?
The FIRST step in data classification is to:
The FIRST step in data classification is to:
With the help of a security officer, granting access to…
With the help of a security officer, granting access to data is the responsibility of:
Security administration procedures require read-only ac…
Security administration procedures require read-only access to:
Electromagnetic emissions from a terminal represent an …
Electromagnetic emissions from a terminal represent an exposure because they:
Which of the following exposures could be caused by a l…
Which of the following exposures could be caused by a line grabbing technique?
Naming conventions for system resources are important f…
Naming conventions for system resources are important for access control because they:
The PRIMARY objective of a logical access control revie…
The PRIMARY objective of a logical access control review is to:
The BEST control to mitigate this risk is to:
Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor
discovers that in many cases the username and password are the same. The BEST control to
mitigate this risk is to:
In this situation, the IS auditor is MOST likely to con…
An IS auditor conducting an access control review in a client-server environment discovers that all
printing options are accessible by all users. In this situation, the IS auditor is MOST likely to
conclude that: