Which of the following should concern an IS auditor when reviewing security in a client-server environment?

A.
Protecting data using an encryption technique

B.
Preventing unauthorized access using a diskless workstation

C.
The ability of users to access and modify the database directly

D.
Disabling floppy drives on the users’ machines

Explanation:
For the purpose of data security in a client-server environment, an IS auditor should be concerned with the users ability to access and modify a database directly. This could affect the integrity of the data in the database. Data protected by encryption aid in securing the datA . Diskless workstations prevent copying of data into local disks and thus help to maintain the integrity and confidentiality of datA . Disabling floppy drives is a physical access control, which helps to maintain the confidentiality of data by preventing it from being copied onto a disk.