Welcome to Pass4Success


Isaca Cybersecurity Audit Certificate Exam

Certification Provider: Isaca
Exam Name: ISACA Cybersecurity Audit Certificate
Number of questions in our database: 134
Exam Version: Apr. 19, 2024
Exam Official Topics:
  • Topic 1: Single Topic

Free Isaca ISACA Cybersecurity Audit Certificate Exam Actual Questions

The questions for ISACA Cybersecurity Audit Certificate were last updated on Apr. 19, 2024

Question #1

Which of the following describes a system that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet?

Correct Answer: C

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It establishes a barrier between a secure internal network and an untrusted external network, such as the internet. This system is designed to prevent unauthorized access to or from private networks and is a fundamental piece of a comprehensive security framework for any organization.


Question #2

What should be an IS auditor's GREATEST concern when an organization's virtual private network (VPN) is implemented on employees' personal mobile devices?

Correct Answer: B

When employees use personal mobile devices to access a VPN, the greatest concern for an IS auditor is the potential for sensitive data to be stored in an unsecured manner. If data is stored in plain text, it could be easily accessed by unauthorized parties if the device is lost, stolen, or compromised. This risk is heightened when the devices are not managed by the organization's IT department, which would typically enforce security policies such as encryption.


Question #3

Which of the following presents the GREATEST risk to corporate data pertaining to mobile device usage?

Correct Answer: D

Replicating privileged access to a user's own mobile device presents the greatest risk to corporate data. This is because it potentially allows unauthorized access to sensitive information if the device is lost, stolen, or compromised. Privileged access means having elevated permissions that are typically reserved for administrators. When such access is available on a personal device, it bypasses many of the security controls that a company would normally have in place.

Option A, remote wipe, is actually a security feature that can protect data if a device is lost or stolen. Option B, lack of training, can increase risk but does not directly expose data like privileged access does. Option C, devices not obtained through corporate provisioning, can be a risk, but this risk is generally less than that of replicating privileged access.


Question #4

What should be an IS auditor's GREATEST concern when an organization's virtual private network (VPN) is implemented on employees' personal mobile devices?

Correct Answer: B

When employees use personal mobile devices to access a VPN, the greatest concern for an IS auditor is the potential for sensitive data to be stored in an unsecured manner. If data is stored in plain text, it could be easily accessed by unauthorized parties if the device is lost, stolen, or compromised. This risk is heightened when the devices are not managed by the organization's IT department, which would typically enforce security policies such as encryption.


Question #5

Which of the following is a limitation of intrusion detection systems (IDS)?

Correct Answer: B

A limitation of intrusion detection systems (IDS) is that they cannot detect application-level vulnerabilities. An IDS is a tool that monitors network traffic or system activity and alerts on any suspicious or malicious events. However, an IDS cannot analyze the logic or functionality of applications and identify vulnerabilities such as SQL injection, cross-site scripting, or broken authentication.


