Last Updated on December 26, 2021 by Admin 3
- CISA : Part 1 - 40
- CISA : Part 41 - 80
- CISA : Part 81 - 120
- CISA : Part 121 - 160
- CISA : Part 161 - 172
Which of the following should concern an IS auditor when reviewing security in a client- server environment?
- Protecting data using an encryption technique
- Preventing unauthorized access using a diskless workstation
- The ability of users to access and modify the database directly
- Disabling floppy drives on the users’ machines
Explanation:Â
For the purpose of data security in a client-server environment, an IS auditor should be concerned with the user’s ability to access and modify a database directly. This could affect the integrity of the data in the database. Data protected by encryption aid in securing the data. Diskless workstations prevent copying of data into local disks and thus help to maintain the integrity and confidentiality of data. Disabling floppy drives is a physical access control, which helps to maintain the confidentiality of data by preventing it from being copied onto a disk.
For the purpose of data security in a client-server environment, an IS auditor should be concerned with the user’s ability to access and modify a database directly. This could affect the integrity of the data in the database. Data protected by encryption aid in securing the data. Diskless workstations prevent copying of data into local disks and thus help to maintain the integrity and confidentiality of data. Disabling floppy drives is a physical access control, which helps to maintain the confidentiality of data by preventing it from being copied onto a disk.
- CISA : Part 1 - 40
- CISA : Part 41 - 80
- CISA : Part 81 - 120
- CISA : Part 121 - 160
- CISA : Part 161 - 172