CISA Certified Information Systems Auditor – Question1647

A data center has a badge-entry system. Which of the following is MOST important to protect the computing assets in the center?

A.
Badge readers are installed in locations where tampering would be noticed
B. The computer that controls the badge system is backed up frequently
C. A process for promptly deactivating lost or stolen badges exists
D. All badge entry attempts are logged

Correct Answer: C

Explanation:

Explanation:
Tampering with a badge reader cannot open the door, so this is irrelevant. Logging the entry attempts may be of limited value. The biggest risk is from unauthorized individuals who can enter the data center, whether they are employees or not. Thus, a process of deactivating lost or stolen badges is important. The configuration of the system does not change frequently, therefore frequent backup is not necessary.