Isaca Exam Cybersecurity-Audit-Certificate Topic 1 Question 14 Discussion

Actual exam question for Isaca's ISACA Cybersecurity Audit Certificate exam

Question #: 14
Topic #: 1

[All ISACA Cybersecurity Audit Certificate Questions]

What should be an IS auditor's GREATEST concern when an organization's virtual private network (VPN) is implemented on employees' personal mobile devices?

AUsers may access services over the VPN that are network resource intensive.

BUsers may store the data in plain text on their mobile devices.

CUsers may access the corporate network from unauthorized devices.

DUsers may access services not supported by the VPN.

Show Suggested Answer

Suggested Answer: B

When employees use personal mobile devices to access a VPN, the greatest concern for an IS auditor is the potential for sensitive data to be stored in an unsecured manner. If data is stored in plain text, it could be easily accessed by unauthorized parties if the device is lost, stolen, or compromised. This risk is heightened when the devices are not managed by the organization's IT department, which would typically enforce security policies such as encryption.

by Lavonna at Apr 23, 2024, 05:28 PM

Limited Time Offer

25%

Off

Get Premium Cybersecurity-Audit-Certificate Questions as Interactive Web-Based Practice Test or PDF