After reviewing its business processes, a large organization is deploying a new web application based on a VoIP technology. Which of the following is the MOST appropriate approach for implementing access control that will facilitate security management of the VoIP web application?

Which of the following would prevent unauthorized changes to information stored in a server’s log?

Inadequate programming and coding practices introduce the risk of:

The logical exposure associated with the use of a checkpoint restart procedure is:

An organization has been recently downsized, in light of this, an IS auditor decides to test logical access controls. The IS auditor’s PRIMARY concern should be that:

From a control perspective, the PRIMARY objective of classifying information assets is to:

An IS auditor examining a biometric user authentication system establishes the existence of a control weakness that would allow an unauthorized individual to update the centralized database on the server that is used to store biometric templates. Ofthe following, which is the BEST control against this risk?

For a discretionary access control to be effective, it must:

Which of the following BEST restricts users to those functions needed to perform their duties?

Which of the following is a general operating system access control function?