Answer: A Not reporting an intrusion is equivalent to an IS auditor hid

Which of the following should be of MOST concern to an IS
auditor?

A. Lack of reporting of a successful attack on the network

B. Failure to notify police of an attempted intrusion

C. Lack of periodic examination of access rights

D. Lack of notification to the public of an intrusion

Question Posted / guest

1 Answers
8981 Views
I also Faced
E-Mail Answers

Answer Posted / guest

Answer: A

Not reporting an intrusion is equivalent to an IS auditor
hiding a malicious intrusion, which would be a professional
mistake. Although notification to the police may be required
and the lack of a periodic examination of access rights
might be a concern, they do not represent as big a concern
as the failure to report the attack. Reporting to the public
is not a requirement and is dependent on the organization's
desire or lack thereof to make the intrusion known.

Is This Answer Correct ?

7 Yes

0 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

purchase orders issued to vendors have been authorized as per the authorization matrix

1093

WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT

2843