Certified Information Systems Auditor (CISA) — Question 1035

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

Answer options

• A. Periodically reviewing log files
• B. Configuring the router as a firewall
• C. Installing biometrics-based authentication
• D. Using smart cards with one-time passwords

Correct answer: A

Explanation

Periodically reviewing log files is the most effective method for detecting intrusion attempts as it allows for the identification of patterns and anomalies in access attempts. Configuring the router as a firewall helps in blocking unauthorized access but may not log all intrusion attempts. Installing biometrics-based authentication and using smart cards with one-time passwords enhance security but do not directly provide insights into intrusion attempts.