Minimum password length and password complexity verification are examples of:

An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:

When using a universal storage bus (USB) flash drive to transport confidential corporate data to an
offsite location, an effective control would be to:

A business application system accesses a corporate database using a single ID and password
embedded in a program. Which of the following would provide efficient access control over the
organization’s data?

Which of the following is the BEST practice to ensure that access authorizations are still valid?

A technical lead who was working on a major project has left the organization. The project manager
reports suspicious system activities on one of the servers that is accessible to the whole team. What
would be of GREATEST concern if discoveredduring a forensic investigation?

An organization is using an enterprise resource management (ERP) application. Which of the
following would be an effective access control?

What should be the GREATEST concern to an IS auditor when employees use portable media (MP3
players, flash drives)?

An IS auditor should expect the responsibility for authorizing access rights to production data and
systems to be entrusted to the:

An IS auditor has completed a network audit. Which of the following is the MOST significant logical
security finding?