Examice

Exam CISA All QuestionsBrowse all questions from this exam

Go to Exam

Question 80

Which of the following should be of GREATEST concern to an IS auditor reviewing a network printer disposal process?

Business units are allowed to dispose printers directly to authorized vendors.

Inoperable printers are stored in an unsecured area.

Disposal policies and procedures are not consistently implemented.

Evidence is not available to verify printer hard drives have been sanitized prior to disposal.

Correct Answer: D

The greatest concern when reviewing a network printer disposal process is ensuring that any sensitive information is not exposed. Network printers often store sensitive documents, user credentials, and network configurations on their internal hard drives. If the hard drives are not properly sanitized before disposal, this information could be accessed by unauthorized individuals, posing significant security risks. Therefore, the absence of evidence verifying that printer hard drives have been sanitized prior to disposal is the most critical issue.

Discussion

survivalkitOption: D

An IS auditor reviewing a network printer disposal process should be most concerned with the evidence available to verify that the hard drives of the printers have been sanitized prior to disposal. The hard drives of network printers may contain sensitive and confidential information, such as confidential documents, user credentials, or network configurations. If this information is not properly sanitized prior to disposal, it could be accessed by unauthorized individuals and potentially used for malicious purposes.

NAJ_88Option: B

should be C. because the question asking on the process. so to confirm on the p&p is compliance and implemented.

Victor83516

but you choose the ansewer B...Please resubmit your chose

MunaMOption: D

can some please confirm which is correct C or D? I think D

46080f2Option: C

First of all policies and procedures have to be implemented consistently. If A., B. or D. is an issue depends on what has been defined in the policies and procedures afterwards.

HengaOption: C

Answer is C, and D is the subset of C

sleekdungaOption: C

The answer is C in my opinion, because disposal policies and procedures being inconsistent not only tells the auditor about the printer in question but other printers and devices that have been disposed or that will require disposal in the future. Its easy to think the answer is D, but it C is the best bet, opening the auditor's eyes to what is obtainable with this one printer and several other devices.

a84nOption: C

Answer: C Addressing the consistency of disposal policies and procedures would likely address various risks associated with the printer disposal process, including ensuring the proper sanitization of printer hard drives.

5b56aaeOption: C

C for me

SwallowsOption: D

Without a disposal certificate, there can be no assurance that the data has been disposed of correctly.

lingtianx1127Option: D

D is correct

akosigengenOption: C

C. is correct

OD1NOption: C

C is Correct

katyakOption: C

I think correct answer is C: not following the disposal policy consistently. All other answers actually shows that policy has not been followed and bears the risk with integrity and confidentiality of information that could be contained on hard drives.

srisai_tOption: D

Whats the right answer? it should be "D" because there is no evidence to support C