A security regulation requires the disabling of direct administrator access. Such access must occur through an intermediate server that holds administrator passwords for all systems and records all actions. An IS auditor’s PRIMARY concern with this solution would be that:
A. it is not feasible to implement.
B. it represents a single point of failure.
C. segregation of duties is not observed.
D. access logs may not be maintained.
A. it is not feasible to implement.
B. it represents a single point of failure.
C. segregation of duties is not observed.
D. access logs may not be maintained.