Which of the following should concern an IS auditor when
reviewing security in a client-server environment?
A. Data is protected by an encryption technique.
B. Diskless workstations prevent unauthorized access.
C. Ability of users to access and modify the database directly.
D. Disabling floppy drives on the users machines.
Answer Posted / guest
Answer: C
For the purpose of data security in a client-server
environment, an IS auditor should be concerned with the
users ability to access and modify a database directly. This
could affect the integrity of the data in the database. Data
protected by encryption aids in securing the data. Diskless
workstations prevent copying of data into local disks and
thus helps to maintain the integrity and confidentiality of
data. Disabling floppy drives is a physical access control,
which helps to maintain the confidentiality of data by
preventing it from being copied onto a disk.
Is This Answer Correct ? | 5 Yes | 1 No |
Post New Answer View All Answers