Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 79

An organization allows employees to use their personal mobile devices to access its database. Which of the following best maintains the confidentiality of different records within the database?

Answer options

• A. Regular remote wiping of the mobile devices accessing the database.
• B. Encrypted data transmissions between mobile devices and the database.
• C. Restrictions on the access permissions when mobile devices are used.
• D. The use of two-factor authentication algorithms for those who use remote access.

Correct answer: B

Explanation

The correct answer, B, is crucial because encrypted data transmissions protect the information being sent between mobile devices and the database from unauthorized access. While A, C, and D enhance security in various ways, they do not specifically address the confidentiality of the data being transmitted, which is the primary concern in this scenario.