CISA Certified Information Systems Auditor – Question1197

The BEST test to determine whether an application’s internal security controls are configured in compliance with the organization’s security standards is an evaluation of the:

A.
availability and frequency of security reports
B. intrusion detection system (IDS) logs
C. application’s user accounts and passwords
D. business application’s security parameter settings

Correct Answer: D