An IS auditor is concerned that unauthorized access to a highly sensitive data center might be gained by piggybacking or tailgating. Which of the following is the BEST recommendation?
Answer: D. Biometric authentication methods reduce the risk of unauthorized access by ensuring that only authorized individuals with registered biometric data can gain entry to the sensitive data center.
An individual follows an authorized user into a secure area without going through the necessary security checks. To prevent this, organizations should have procedures in place to escort visitors and monitor their movements while they are in the data center. This ensures that unauthorized users do not gain access to the sensitive data center.
The best recommendation to mitigate the risk of unauthorized access through piggybacking or tailgating is an airlock entrance.
An airlock entrance is a physical security measure designed to control access by allowing only one person to enter or exit at a time. It consists of two separate doors with an enclosed space in between. The first door must close and secure before the second door opens, ensuring that only one person can pass through at a time. This prevents unauthorized individuals from following closely behind an authorized person without proper authentication.
Deadman doors, also referred to as a mantrap or airlock entrance, use two doors and are typically found in entries to facilities, such as computer rooms and high-security areas. For the second door to operate, the first entry door must close and lock, with only one person permitted in the holding area. This reduces the risk of tailgating or piggybacking, when an unauthorized person follows an authorized person through a secured entry.
Reference: CRM 5.3.4 PHYSICAL ACCESS EXPOSURES AND CONTROLS
An airlock entrance is a security measure that involves a double-door system where the first door must close and secure before the second door can open. This design helps prevent unauthorized individuals from entering by tailgating behind an authorized person. It requires proper authentication and access control before allowing entry into the data center, making it a highly effective solution for mitigating tailgating and piggybacking risks.
While the other options (B. Intruder alarms, C. Procedures for escorting visitors, D. Biometrics) can be important components of a security strategy, they may not be as effective as an airlock entrance specifically designed to prevent tailgating and piggybacking.