CISA Certified Information Systems Auditor – Question1610

What is the BEST action to prevent loss of data integrity or confidentiality in the case of an e- commerce application running on a LAN, processing electronic fund transfers (EFT) and orders?

A.
Using virtual private network (VPN) tunnels for data transfer
B. Enabling data encryption within the application
C. Auditing the access control to the network
D. Logging all changes to access lists

Correct Answer: A

Explanation:

Explanation:
The best way to ensure confidentiality and integrity of data is to encrypt it using virtual private network (VPN) tunnels. This is the most common and convenient way to encrypt the data traveling over the network. Data encryption within the application is less efficient than VPN. The other options are good practices, but they do not directly prevent the loss of data Integrity and confidentiality during communication through a network.