CISA - Certified Information Systems Auditor Logical Access Controls Questions and Answers

Question 1

An IS auditor discovers that a shared administrator account is used by several network engineers to manage critical infrastructure. Which of the following is the GREATEST risk associated with this practice?

Accepted Answer

Inability to trace specific actions to an individual engineer.

Answer

The primary risk of using shared accounts is the loss of accountability. If a malicious or erroneous action occurs, it is impossible to determine which specific individual performed the action because the audit logs will only show the shared account name.

Question 2

An organization wants to implement a logical access model where permissions are assigned to groups based on job functions, rather than to individual users. Which of the following access control models BEST meets this requirement?

Accepted Answer

Role-Based Access Control (RBAC)

Answer

Role-Based Access Control (RBAC) is specifically designed to assign permissions to roles that correspond to business functions. Users are then assigned to these roles, which simplifies access management, enforces the principle of least privilege, and improves scalability.

Question 3

During a review of identity and access management, an IS auditor notes that the organization has not performed a user access review for over a year, despite significant employee turnover and role changes. The PRIMARY risk this creates is:

Accepted Answer

the accumulation of excessive access rights, known as privilege creep.

Answer

Failure to conduct regular user access reviews leads to 'privilege creep,' where users accumulate access rights beyond what is required for their current job function. This increases the risk of unauthorized access and data breaches, as former employees may retain access or current employees may have excessive privileges.

Question 4

Which of the following is the PRIMARY security benefit of implementing a Single Sign-On (SSO) solution across an organization?

Accepted Answer

It reduces the attack surface by decreasing the number of stored credentials.

Answer

The primary security benefit of SSO is that it reduces the attack surface. By centralizing authentication, it minimizes the number of places where passwords are stored and entered, which in turn reduces the risk of password theft, reuse, and leakage.

Question 5

An IS auditor is evaluating controls over privileged accounts in a large enterprise. Which of the following is the MOST effective control for mitigating the risks associated with administrator access?

Accepted Answer

Implementing a Privileged Access Management (PAM) solution with session monitoring.

Answer

A Privileged Access Management (PAM) solution is the most effective and comprehensive control. It provides a centralized mechanism to vault credentials, enforce least privilege, implement just-in-time access, and, most importantly, monitor and record privileged sessions, which creates strong accountability and detectability.

CISA - Certified Information Systems Auditor Practice Test

CISA - Certified Information Systems Auditor Practice Test

CISA - Certified Information Systems Auditor Logical Access Controls Questions and Answers