CISA Certified Information Systems Auditor – Question1594 - CISA Certified Information Systems Auditor

To address a maintenance problem, a vendor needs remote access to a critical network. The MOST secure and effective solution is to provide the vendor with a:

A. Secure Shell (SSH-2) tunnel for the duration of the problem.
B. two-factor authentication mechanism for network access.
C. dial-in access.
D. virtual private network (VPN) account for the duration of the vendor support contract.

Correct Answer: A

Explanation:

Explanation:
For granting temporary access to the network, a Secure Shell (SSH-2) tunnel is the best approach. It has auditing features and allows restriction to specific access points. Choices B, C and D all give full access to the internal network. Two-factor authentication and virtual private network (VPN) provide access to the entire network and are suitable for dedicated users. Dial-in access would need to be closely monitored or reinforced with another mechanism to ensure authentication to achieve the same level of security as SSH-2.