Which of the following should an IS auditor review to determine user permissions that have been
granted for a particular resource? Choose the BEST answer.
A.
Systems logs
B.
Access control lists (ACL)
C.
Application logs
D.
Error logs
Explanation:
IS auditors should review access-control lists (ACL) to determine user permissions
that have been granted for a particular resource.