CISA Certified Information Systems Auditor – Question1451

Which of the following BEST restricts users to those functions needed to perform their duties?

A.
Application level access control
B. Data encryption
C. Disabling floppy disk drives
D. Network monitoring device

Correct Answer: A

Explanation:

Explanation:
The use of application-level access control programs is a management control that restricts access by limiting users to only those functions needed to perform their duties. Data encryption and disabling floppy disk drives can restrict users to specific functions, but are not the best choices. A network monitoring device is a detective control, not a preventive control.