Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 196

Which of the following would be the strongest control to prevent unauthorized wireless network access?

Answer options

• A. Allowing access to the organization’s network only through a virtual private network.
• B. Logging devices that access the network, including the date, time, and identity of the user.
• C. Tracking all mobile device physical locations and banning access from non-designated areas.
• D. Permitting only authorized IT personnel to have administrative control of mobile devices.

Correct answer: D

Explanation

The correct answer is D because restricting administrative control to authorized IT personnel minimizes the risk of unauthorized changes or access to mobile devices, which could compromise network security. While options A, B, and C enhance security, they do not directly control who has the authority to manage mobile devices, making them less effective as a primary measure.