Are you studying for the Certified Information Systems Auditor or CISA certifications?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
In the scenario where an IT auditor is performing a postimplementation review (PIR) of an organizations infrastructure, what issue would be of the highest concern?
All communication links are not encrypted.
Wireless personal digital assistants (PDAs) are not password-protected.
An outbound web proxy has not been deployed.
Default passwords are not changed when installing network devices.
The most significant risk in this case would be if the factory default passwords are not changed on critical network equipment. While mobile devices that are not password-protected would be a risk, it would not be as significant as unsecured network devices. Similarly, the use of a web proxy is a best practice, but may not be required depending on the enterprise. Encryption is a good control for data security, but is not appropriate to use for all communication links due to cost and complexity.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.