CISA Certified Information Systems Auditor – Question0770

Which of the following should be reviewed FIRST when assessing the effectiveness of an organization’s network security procedures and controls?

A.
Data recovery capability
B. Inventory of authorized devices
C. Vulnerability remediation
D. Malware defenses

Correct Answer: B