An IS auditor should expect the responsibility for authorizing access rights to production data and systems to be entrusted to the:

An IS auditor has completed a network audit. Which of the following is the MOST significant logical security finding?

Which of the following would MOST effectively enhance the security of a challenge- response based authentication system?

Which of the following should an IS auditor recommend for the protection of specific sensitive information stored in the data warehouse?

The responsibility for authorizing access to a business application system belongs to the:

An organization has created a policy that defines the types of web sites that users are forbidden to access. What is the MOST effective technology to enforce this policy?

What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?

Which of the following intrusion detection systems (IDSs) monitors the general patterns of activity and traffic on a network and creates a database?

The MOST important difference between hashing and encryption is that hashing:

Which of the following cryptography options would increase overhead/cost?