An IS auditor is evaluating a corporate network for a possible penetration by employees.
Which of the following findings should give the IS auditor the GREATEST concern?
A . There are a number of external modems connected to the network.
B . Users can install software on their desktops.
C . Network monitoring is very limited.
D . Many user IDs have identical passwords.
Answer: D
Explanation:
Exploitation of a known user ID and password requires minimal technical knowledge and exposes the network resources to exploitation. The technical barrier is low and the impact can be very high; therefore, the fact that many user IDs have identical passwords represents the greatest threat. External modems represent a security risk, but exploitation still depends on the use of a valid user account. While the impact of users installing software on their desktops can be high {for example, due to the installation of Trojans or key-logging programs), the likelihood is not high due to the level of technical knowledge required to successfully penetrate the network. Although network monitoring can be a useful detective control, it will only detect abuse of user accounts in special circumstances and is, therefore, not a first line of defense.
Leave a Reply