Isaca Exam Cybersecurity-Audit-Certificate Topic 1 Question 12 Discussion

Actual exam question for Isaca's Cybersecurity-Audit-Certificate exam

Question #: 12
Topic #: 1

[All Cybersecurity-Audit-Certificate Questions]

What should be an IS auditor's GREATEST concern when an organization's virtual private network (VPN) is implemented on employees' personal mobile devices?

AUsers may access services over the VPN that are network resource intensive.

BUsers may store the data in plain text on their mobile devices.

CUsers may access the corporate network from unauthorized devices.

DUsers may access services not supported by the VPN.

Show Suggested Answer

Suggested Answer: B

When employees use personal mobile devices to access a VPN, the greatest concern for an IS auditor is the potential for sensitive data to be stored in an unsecured manner. If data is stored in plain text, it could be easily accessed by unauthorized parties if the device is lost, stolen, or compromised. This risk is heightened when the devices are not managed by the organization's IT department, which would typically enforce security policies such as encryption.

by Lilli at Mar 21, 2024, 04:48 AM

Limited Time Offer

25%

12 months ago

I think an IS auditor's biggest concern should be users accessing the corporate network from unauthorized devices.

upvoted 0 times

...