CISA Certified Information Systems Auditor – Question3009
In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users? A. Diskless workstations B. Data encryption techniques C. Network monitoring devices D. Authentication systems
Correct Answer: C
Explanation:
Explanation:
Network monitoring devices may be used to inspect activities from known or unknown users and can identify client addresses, which may assist in finding evidence of unauthorized access. This serves as a detective control. Diskless workstations prevent access control software from being bypassed. Data encryption techniques can help protect sensitive or propriety data from unauthorized access, thereby serving as a preventive control. Authentication systems may provide environment wide, logical facilities that can differentiate among users, before providing access to systems.
Please disable your adblocker or whitelist this site!