Question 2941 - CISA Certified Information Systems Auditor

To determine which users can gain access to the privileged supervisory state, which of the following should an IS auditor review?

A. System access log files
B. Enabled access control software parameters
C. Logs of access control violations
D. System configuration files for control options used

Correct Answer: D

Explanation:

Explanation:
A review of system configuration files for control options used would show which users have access to the privileged supervisory state. Both systems access log files and logs of access violations are detective in nature. Access control software is run under the operating system.

CISA Certified Information Systems Auditor

Tag: Question 2941

CISA Certified Information Systems Auditor – Question2941