Exam CISA
Question 1119

Which of the following would be of GREATEST concern to an IS auditor conducting an audit of an organization's network security with the focus of preventing system breaches?

    Correct Answer: C

    Help desk personnel having the ability to remote into other external systems presents the greatest concern for an IS auditor focused on preventing system breaches. This capability could lead to unauthorized access, heightened risk of data breaches, and potential insider threats, especially if proper controls, logging, and monitoring are not implemented. It increases the risk of exploitation by malicious actors or unintentional security lapses.

Discussion
Binagr8 Option: C

It is C. C. Help desk personnel are able to remote into other external systems. This is the greatest concern because it presents a significant security risk. If help desk personnel can remotely access external systems, it could lead to unauthorized access, data breaches, and potential insider threats. Such access could be exploited by malicious actors or could result in inadvertent security lapses, especially if proper controls, logging, and monitoring are not in place. It is NOT D because monitoring incoming malicious traffic is typically the role of other systems like IDS/IPS, firewalls, or antivirus solutions. The primary role of DLP is to prevent data leaks and not to monitor incoming malicious traffic.

Swallows Option: A

Having computer names publicly available poses a security risk by aiding attackers in targeting specific systems, which is a major concern as it provides a potential entry point for system compromise.

KAP2HURUF Option: B

Monitoring incoming traffic is crucial for detecting and preventing potential malicious activity, unauthorized access attempts, and data exfiltration. A lack of monitoring in the DLP system increases the risk of system breaches and can leave the network vulnerable to various security threats.