Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IIBA CBAP Exam - Topic 4 Question 68 Discussion

Actual exam question for IIBA's CBAP exam
Question #: 68
Topic #: 4
[All CBAP Questions]

A conservative company with rigorous risk control plans and internal audit rules has a recurrent problem with a core Business application. As a result access to this application must be restricted and controlled and maintenance must be on-site. However, the company feels that the application must have an emergency service team. The routine maintenance of this solution is provided by an external vendor and the vendor requested 24 hours remote access to quality and production dat

a. In this context what is the company's response to the vendor's request?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Jesusita at Apr 03, 2023, 07:23 AM

Limited Time Offer

25%

Off

Get Premium CBAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Cory
4 months ago
They’ll probably stick to their guns and deny it.
upvoted 0 times
...
Viva
5 months ago
Wait, they’d actually consider remote access? That’s surprising!
upvoted 0 times
...
Leatha
5 months ago
No way they’ll give remote access, too risky!
upvoted 0 times
...
Paola
5 months ago
I think they might accept it, they need help fast!
upvoted 0 times
...
Cecilia
5 months ago
Definitely denied because of their strict risk policies.
upvoted 0 times
...
Ettie
5 months ago
I’m torn between A and C. Denying the request seems logical, but if there's an urgent problem, maybe they would accept it just this once?
upvoted 0 times
...
Irma
5 months ago
This reminds me of a practice question where a vendor's access was denied due to strict internal controls. I feel like that could apply here too.
upvoted 0 times
...
Jannette
5 months ago
I’m not entirely sure, but I think if the company has a serious issue, they might consider accepting the request despite their usual protocols.
upvoted 0 times
...
Ashlee
6 months ago
I remember we discussed how risk-averse companies often prioritize security over convenience, so I think the answer might lean towards denying the request.
upvoted 0 times
...
Lawrence
6 months ago
Hmm, I'm a bit unsure about this one. The wording is a bit confusing, and I want to make sure I understand exactly what they're asking for. Let me re-read it carefully.
upvoted 0 times
...
Barabara
6 months ago
Okay, I've got an idea. Since the default OWD is Public Read/Write, we need to find a way to override that for the community users. I'm thinking option B, defining an owner-based sharing rule, might be the way to go.
upvoted 0 times
...
Theron
6 months ago
Okay, let me think this through. I know systemd-journald is the newer logging system, so I'll focus on understanding how it works and how it differs from syslog.
upvoted 0 times
...
Keith
6 months ago
I have a hunch that modifying the NAT policy might not even be necessary; maybe we just need to check the access policy settings.
upvoted 0 times
...
Lashon
10 months ago
The vendor must be living in a fantasy land if they think a 'rigorous risk control' company is going to let them remote in. They might as well ask the CEO to hand over their login credentials and social security numbers while they're at it.
upvoted 0 times
...
Pamella
10 months ago
I'm torn, but I think the company will go with option A. They're all about the risk control, and 24-hour remote access is a big no-no in their world. Guess the vendor will have to pack their bags and come on-site.
upvoted 0 times
Genevieve
9 months ago
C) Denied- because the vendor requested it
upvoted 0 times
...
Brandon
9 months ago
B) Accepted, because the company has an urgent problem to solve
upvoted 0 times
...
Tabetha
10 months ago
A) Dented because of the company's risk aversion
upvoted 0 times
...
...
Reta
11 months ago
Haha, the vendor is really pushing their luck here. 'Because I asked for it' is definitely not a valid reason for a company this risk-averse. They'll probably respond with a firm 'Denied' and a strongly worded email.
upvoted 0 times
Daren
9 months ago
Haha, the vendor is really pushing their luck here. 'Because I asked for it' is definitely not a valid reason for a company this risk-averse. They'll probably respond with a firm 'Denied' and a strongly worded email.
upvoted 0 times
...
Karima
10 months ago
The company's security measures are non-negotiable
upvoted 0 times
...
Pa
10 months ago
A) Dented because of the company's risk aversion
upvoted 0 times
...
Brett
11 months ago
They won't budge on this one, strict rules in place
upvoted 0 times
...
Janae
11 months ago
Denied- because the vendor requested it
upvoted 0 times
...
...
Lettie
11 months ago
I'm going with option C. No way a conservative company like this is going to give remote access to their production data, no matter how urgent the problem is. Security trumps convenience.
upvoted 0 times
Rutha
9 months ago
C) Denied- because the vendor requested it
upvoted 0 times
...
Vannessa
9 months ago
B) Accepted, because the company has an urgent problem to solve
upvoted 0 times
...
Casandra
10 months ago
A) Dented because of the company's risk aversion
upvoted 0 times
...
Bernardine
10 months ago
I understand the concern, but sometimes you have to weigh the risks against the benefits.
upvoted 0 times
...
Clay
10 months ago
Even then, I think the risk is too high to grant remote access.
upvoted 0 times
...
Silvana
10 months ago
But what if the issue is critical and needs immediate attention?
upvoted 0 times
...
Marshall
10 months ago
I agree, security should always come first.
upvoted 0 times
...
...
Cammy
11 months ago
This is a tricky one. The company's risk aversion and strict internal policies make me think they'll deny the vendor's request. But if the issue is really that urgent, they might make an exception.
upvoted 0 times
Lorean
10 months ago
B) Accepted, because the company has an urgent problem to solve
upvoted 0 times
...
Elise
11 months ago
A) Dented because of the company's risk aversion
upvoted 0 times
...
...
Cherilyn
11 months ago
That's true, maybe the company will accept it for that reason.
upvoted 0 times
...
Delpha
11 months ago
But what if the vendor needs immediate access to fix the problem?
upvoted 0 times
...
Cherilyn
12 months ago
I think the company will deny the vendor's request.
upvoted 0 times
...

Save Cancel