PrepAway - Latest Free Exam Questions & Answers

Which of the following controls wou Id BEST mitigate the risk of undetected and unauthorized program changes t

An IS auditor discovers that developers have operator access to the command line of a
production environment operating system. Which of the following controls wou Id BEST mitigate
the risk of undetected and unauthorized program changes to the production environment?

PrepAway - Latest Free Exam Questions & Answers

A.
Commands typed on the command line are logged

B.
Hash keys are calculated periodically for programs and matched against hash keys calculated
for the most recent authorized versions of the programs

C.
Access to the operating system command line is granted through an access restriction tool with
preapproved rights

D.
Software development tools and compilers have been removed from the production
environment

Explanation:

The matching of hash keys over time would allow detection of changes to files. Choice A is
incorrect because having a log is not a control, reviewing the log is a control. Choice C is incorrect
because the access was already granted-it does notmatter how. Choice D is wrong because files
can be copied to and from the production environment.


Leave a Reply