CISA Certified Information Systems Auditor – Question1885 - CISA Certified Information Systems Auditor

Which of the following refers to an important procedure when evaluating database security?

A. performing vulnerability assessments against the database.
B. performing data check against the database.
C. performing dictionary check against the database.
D. performing capacity check against the database system.
E. None of the choices.

Correct Answer: A

Explanation:

Explanation:
Databases provide many layers and types of security, including Access control, Auditing, Authentication, Encryption and Integrity controls. An important procedure when evaluating database security is performing vulnerability assessments against the database.
Database administrators or Information security administrators run vulnerability scans on databases to discover misconfiguration of controls within the layers mentioned above along with known vulnerabilities within the database software.