0 votes
in CISA by

An IS auditor selects a server for a penetration test that will be carried out by a technical specialist. Which of the following is MOST important?

A. The tools used to conduct the test

B. Certifications held by the IS auditor

C. Permission from the data owner of the server

D. An intrusion detection system (IDS) is enabled

1 Answer

0 votes
by

Answer

C. Permission from the data owner of the server

Reason: 

The data owner should be informed of the risks associated with a penetration test, what types of tests are to be conducted and other relevant details. All other choices are not as important as the data owner’s responsibility for the security of the data assets.

...