CISA Certified Information Systems Auditor – Question0271

Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor’s BEST course of action would be to determine if:

A.
the domain controller was classified for high availability.
B. the network traffic was being monitored.
C. the patches were updated.
D. the logs were monitored.

Correct Answer: D