During an audit of an access control system, an IS auditor finds that RFID card readers are not connected via the network to a central server. Which of the following is the GREATEST risk associated with this finding?
A.
Lost or stolen cards cannot be disabled immediately.
B.
Card reader firmware updates cannot be rolled out automatically.
C.
The system is not easily scalable to accommodate a new device.
D.
Incidents cannot be investigated without a centralized log file.
A is correct.
Incident can be investigated even if logging is not centralized. as long as trails can be obtained from other sources that provide evidence of an incident, investigation will take place. relying only on the central logging will not yield sufficient information
When RFID card readers are not connected to a central server, there is no real-time communication or synchronization between the card readers and the central access control system. As a result, if an RFID card is lost or stolen, there is no mechanism in place to immediately disable or revoke access privileges associated with that card. This leaves the organization vulnerable to unauthorized access by individuals who possess lost or stolen cards.
A. Lost or stolen cards cannot be disabled immediately.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
A_Salem
Highly Voted 2 years, 9 months agoHashi1_snr
Highly Voted 2 years, 7 months agoSwallows
Most Recent 1 month agoChangwha
12 months ago