CISA Certified Information Systems Auditor – Question1576

An organization has a mix of access points that cannot be upgraded to stronger security and newer access points having advanced wireless security. An IS auditor recommends replacing the non-upgradeable access points. Which of the following would BEST justify the IS auditor's recommendation?

A.
The new access points with stronger security are affordable.
B. The old access points are poorer in terms of performance.
C. The organization's security would be as strong as its weakest points.
D. The new access points are easier to manage.

Correct Answer: C

Explanation:

Explanation:
The old access points should be discarded and replaced with products having strong security; otherwise, they will leave security holes open for attackers and thus make the entire network as weak as they are. Affordability is not the auditor’s major concern.
Performance is not as important as security in this situation. Product manageability is not the IS auditor’s concern.