An IS auditor performing an independent classification of systems should consider a situation where functions&
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as:
The FIRST step in data classification is to:
The FIRST step in data classification is to:
Which of the following exposures could be caused by a line grabbing technique?
Which of the following exposures could be caused by a line grabbing technique?
Electromagnetic emissions from a terminal represent an exposure because they:
Electromagnetic emissions from a terminal represent an exposure because they:
Security administration procedures require read-only access to:
Security administration procedures require read-only access to:
With the help of a security officer, granting access to data is the responsibility of:
With the help of a security officer, granting access to data is the responsibility of:
To prevent unauthorized entry to the data maintained in a dial-up, fast response system, an IS auditor should
To prevent unauthorized entry to the data maintained in a dial-up, fast response system, an IS auditor should recommend:
In this situation, the IS auditor is MOST likely to conclude that:
An IS auditor conducting an access control review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that:
The BEST control to mitigate this risk is to:
Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the username and password are the same. The BEST control to mitigate this risk is to:
The PRIMARY objective of a logical access control review is to:
The PRIMARY objective of a logical access control review is to: