Which of the following would prevent unauthorized changes to information stored in a server’s log?

After reviewing its business processes, a large organization is deploying a new web application based
on a VoIP technology. Which of the following is the MOST appropriate approach for implementing
access control that will facilitate security management of the VoIP web application?

In an online banking application, which of the following would BEST protect against identity theft?

Which of the following is the BEST method for preventing the leakage of confidential information in
a laptop computer?

The responsibility for authorizing access to application data should be with the:

During an audit of the logical access control of an ERP financial system an IS auditor found some user
accounts shared by multiple individuals. The user IDs were based on roles rather than individual
identities. These accounts allow access to financial transactions on the ERP. What should the IS
auditor do next?

Minimum password length and password complexity verification are examples of:

An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:

When using a universal storage bus (USB) flash drive to transport confidential corporate data to an
offsite location, an effective control would be to:

A business application system accesses a corporate database using a single ID and password
embedded in a program. Which of the following would provide efficient access control over the
organization’s data?