PrepAway - Latest Free Exam Questions & Answers

Which of the following should an IS auditor recommend for the protection of specific sensitive information sto

Which of the following should an IS auditor recommend for the protection of specific sensitive
information stored in the data warehouse?

PrepAway - Latest Free Exam Questions & Answers

A.
implement column- and row-level permissions

B.
Enhance user authentication via strong passwords

C.
Organize the data warehouse into subject matter-specific databases

D.
Log user access to the data warehouse

Explanation:

Choice A specifically addresses the question of sensitive data by controlling what information
users can access. Column-level security prevents users from seeing one or more attributes on a
table. With row-level security a certain grouping of information on a table is restricted; e.g., if a
table held details of employee salaries, then a restriction could be put in place to ensure that,
unless specifically authorized, users could not view the salaries of executive staff. Column- and
row-level security can be achieved in a relational database by allowing users to access logical
representations of data rather than physical tables. This ‘fine-grained’ security model is likely to
offer the best balance between information protection while still supporting a wide range of
analytical and reporting uses. Enhancing user authentication via strong passwords is a security
control that should apply to all users of the data warehouse and does not specifically address
protection of sensitive datA. Organizing a data warehouse into subject-specific databases is a
potentially useful practice but, in itself, does not adequately protect sensitive datA. Database-level
security is normally too ‘coarse’ a level to efficiently and effectively protect information. For
example, one database may hold information that needs to be restricted such as employee salary
and customer profitability details while other information such as employee department may need
to be legitimately a


Leave a Reply