nerdexam
PECB

LEAD-AUDITOR · Question #82

LEAD-AUDITOR Question #82: Real Exam Question with Answer & Explanation

Sign in or unlock LEAD-AUDITOR to reveal the answer and full explanation for question #82. The question stem and answer options stay visible for context.

Question

You are performing an ISMS audit at a residential nursing home that provides healthcare services and are reviewing the Software Code Management (SCM) system. You found a total of 10 user accounts on the SCM. You confirm that one of the users, Scott, resigned 9-months ago. The SCM System Administrator confirmed Scott's last check-out of the source code was found 1 month ago. He was using one of the uthorized desktops from the local network in a secure area. You check with the user de- registration procedure which states "Managers have to make sure of deregistration of the user account and authorisation immediately from the relevant ICT system and/or equipment after resignation approval." There was no deregistration record for user Scott. The IT Security Manager explains that Scott still comes back to the office every month after he resigned to provide support on source code maintenance. That's why his account on SCM still exists. You would like to investigate other areas further to collect more audit evidence. Select three options that would not be valid audit trails.

Options

  • ACollect more evidence on how access controls are periodically reviewed to maintain security
  • BCollect more evidence on how the transition of Scott from full-time to part-time employment was
  • CCollect more evidence from Scott's background verification checks performed by the human
  • DCollect more evidence of why Scott resigned and whether his re-engagement represents a conflict
  • ECollect more evidence on how Scott can access the employee's desktop and local network.
  • FCollect more evidence on how Scott can access the secure are a. (Relevant to control A.8.4)
  • GCollect more evidence on how the organization pays for Scott's source code maintenance support
  • HCollect more evidence on where Scott kept the source code that he checked out and how it was

Unlock LEAD-AUDITOR to see the answer

You've previewed enough free LEAD-AUDITOR questions. Unlock LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock LEAD-AUDITOR - $49.99 / 30 daysSign in
Full LEAD-AUDITOR Practice