CISA Certified Information Systems Auditor – Question2292

Why does the IS auditor often review the system logs?

A.
To get evidence of password spoofing
B. To get evidence of data copy activities
C. To determine the existence of unauthorized access to data by a user or program
D. To get evidence of password sharing

Correct Answer: C

Explanation:

Explanation:
When trying to determine the existence of unauthorized access to data by a user or program, the IS auditor will often review the system logs.