From an IS auditor's perspective, which of the following would be the GREATEST risk associated with an incomplete inventory of deployed software in an organization?
A.
Inability to determine the cost of deployed software
B.
Inability to close unused ports on critical servers
C.
Inability to identify unused licenses within the organization
D. Inability to deploy updated security patches.
From an IS auditor's perspective, an incomplete inventory of deployed software in an organization poses several risks. However, the greatest risk is the inability to deploy updated security patches. When an organization does not have a complete inventory of its deployed software, it becomes difficult to determine which systems are running specific software applications and therefore, which systems need to be updated with the latest security patches. This can leave the organization vulnerable to security threats and attacks, as attackers can exploit known vulnerabilities in the software that have already been patched by the software vendors. To mitigate this risk, IS auditors would recommend that the organization maintain an up-to-date inventory of its deployed software and regularly deploy security patches to all applicable systems.
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
TEC1
Highly Voted 1 year, 10 months agotakuanism
Most Recent 11 months, 2 weeks agoJONESKA
1 year, 5 months agom4s7er
1 year, 11 months agoMunaM
2 years, 3 months agozuchwaly
2 years, 2 months agoziutek_
2 years ago