ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1164 discussion

Actual exam question from Isaca's CISA
Question #: 1164
Topic #: 1
[All CISA Questions]

During a database management evaluation, an IS auditor discovers that some accounts with database administrator (DBA) privileges have been assigned a default password with an unlimited number of failed login attempts. Which of the following is the auditor's BEST course of action?

  • A. Postpone the audit until adequate security and password management practices are established.
  • B. Document the finding and explain the risk of having administrator accounts with inappropriate security settings.
  • C. Identify accounts that have had excessive failed login attempts and request they be disabled.
  • D. Request the IT manager to change administrator security parameters and update the finding.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by shiowbah at Nov. 11, 2023, 6:50 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
FAGFUR
7 months, 2 weeks ago
Selected Answer: B
The best course of action for the IS auditor, upon discovering that some accounts with database administrator privileges have been assigned a default password with an unlimited number of failed login attempts, is to document the finding and explain the risk of having administrator accounts with inappropriate security settings. Documenting the finding and explaining the risk is an essential step in the audit process. It provides a clear record of the security weakness and its potential impact on the organization. It also serves to raise awareness among relevant stakeholders about the risks associated with weak security settings on administrator accounts.
upvoted 3 times
...
shiowbah
7 months, 3 weeks ago
D. Request the IT manager to change administrator security parameters and update the finding.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel