CISM Certified Information Security Manager – Question0805

A payroll application system accepts individual user sign-on IDs and then connects to its database using a single application ID. The GREATEST weakness under this system architecture is that:

A.
users can gain direct access to the application ID and circumvent data controls.
B. when multiple sessions with the same application ID collide, the database locks up.
C. the database becomes unavailable if the password of the application ID expires.
D. an incident involving unauthorized access to data cannot be tied to a specific user.

Correct Answer: D