CISA Certified Information Systems Auditor – Question1609 - CISA Certified Information Systems Auditor

An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?

A. The corporate network is using an intrusion prevention system (IPS)
B. This part of the network is isolated from the corporate network
C. A single sign-on has been implemented in the corporate network
D. Antivirus software is in place to protect the corporate network

Correct Answer: B

Explanation:

Explanation:
If the conference rooms have access to the corporate network, unauthorized users may be able to connect to the corporate network; therefore, both networks should be isolated either via a firewall or being physically separated. An I PS would detect possible attacks, but only after they have occurred. A single sign-on would ease authentication management. Antivirus software would reduce the impact of possible viruses; however, unauthorized users would still be able to access the corporate network, which is the biggest risk.