Certified Information Systems Auditor (CISA) — Question 1127

Which of the following controls BEST mitigates the risk associated with password compromise?

Answer options

• A. Passwords are stored in the cloud.
• B. Passwords are unique for each application.
• C. Passwords have format restrictions.
• D. Passwords are masked.

Correct answer: B

Explanation

The correct answer is B because having unique passwords for each application minimizes the risk of a single compromised password affecting multiple accounts. Options A, C, and D do not effectively prevent passwords from being compromised as they do not address the need for uniqueness across applications.