To determine who has been given permission to use a particular system resource, an IS auditor should review: A. activity lists. B. access control lists. C. logon ID lists. D. password lists.
Correct Answer: B
Explanation:
Explanation:
Access control lists are the authorization tables that document the users who have been given permission to use a particular system resource and the types of access they have been granted. The other choices would not document who has been given permission to use (access) specific system resources.
Please disable your adblocker or whitelist this site!