PrepAway - Latest Free Exam Questions & Answers

which is the BEST control against this risk?

An IS auditor examining a biometric user authentication system establishes the existence of a control
weakness that would allow an unauthorized individual to update the centralized database on the server that is
used to store biometric templates. Ofthe following, which is the BEST control against this risk?

PrepAway - Latest Free Exam Questions & Answers

A.
Kerberos

B.
Vitality detection

C.
Multimodal biometrics

D.
Before-image/after-image logging

Explanation:
Kerberos is a network authentication protocol for client-server applications that can be used to restrict access to
the database to authorized users. Choices B and C are incorrect because vitality detection and multimodal
biometrics are controls against spoofing and mimicry attacks. Before-image/after-image logging of database
transactions is a detective control, as opposed to Kerberos, which is a preventative control.


Leave a Reply