During an audit of an access control system, an IS auditor finds that RFID card readers are not connected via the network to a central server. Which of the following is the GREATEST risk associated with this finding?
During an audit of an access control system, an IS auditor finds that RFID card readers are not connected via the network to a central server. Which of the following is the GREATEST risk associated with this finding?
The greatest risk associated with RFID card readers not being connected to a central server is that lost or stolen cards cannot be disabled immediately. This leaves the organization vulnerable to unauthorized access by individuals who possess these cards. In scenarios where immediate action is required to disable access, the lack of real-time connectivity to a central server poses a significant security threat.
Unauthorized Access is the greatest risk. The answer is A. Lost or stolen cards cannot be disabled immediately.
A is correct. Incident can be investigated even if logging is not centralized. as long as trails can be obtained from other sources that provide evidence of an incident, investigation will take place. relying only on the central logging will not yield sufficient information
When RFID card readers are not connected to a central server, there is no real-time communication or synchronization between the card readers and the central access control system. As a result, if an RFID card is lost or stolen, there is no mechanism in place to immediately disable or revoke access privileges associated with that card. This leaves the organization vulnerable to unauthorized access by individuals who possess lost or stolen cards.
A. Lost or stolen cards cannot be disabled immediately.