Prev Question
Next Question

An IS auditor selects a server for a penetration test that will be carried out by a technical specialist.
Which of the following is MOST important?

The tools used to conduct the test

Certifications held by the IS auditor

Permission from the data owner of the server

An intrusion detection system (IDS) is enabled

The data owner should be informed of the risks associated with a penetration test, what types of

tests are to be conducted and other relevant details. All other choices are not as important as the
data owner’s responsibility for the security of the data assets.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *