Home » Isaca » CISA » To ensure compliance with a security policy requiring that passwords be a combination of letters and numbers, an IS auditor should recommend that:
To ensure compliance with a security policy requiring that passwords be a combination of letters and numbers, an IS auditor should recommend that:
A. the company policy be changed.
B. passwords are periodically changed.
C. an automated password management tool be used.
D. security awareness training is delivered.
Correct Answer: C
Explanation/Reference:
The use of an automated password management tool is a preventive control measure. The software would prevent repetition (semantic) and would enforce syntactic rules, thus making the passwords robust. It would also provide a method for ensuring frequent changes and would prevent the same user from reusing their old password for a designated period of time. Choices A, B and D do not enforce compliance.
How To Pass CISA Exam?
Isaca CISA PDF dumps.
High quality CISA PDF and software. VALID exam to help you pass.
|
 |
|
Download Printable PDF. VALID exam to help you PASS.
|
|
