Certified Information Systems Auditor (CISA) — Question 1423
Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?
Answer options
- A. Monitor access to stored images and snapshots of virtual machines
- B. Restrict access to images and snapshots of virtual machines
- C. Review logical access controls on virtual machines regularly
- D. Limit creation of virtual machine images and snapshots
Correct answer: B
Explanation
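The correct answer is B. Images and snapshots capture the contents of a virtual machine's disks, so anyone who can read or alter those files can view or manipulate the unencrypted data without going through the logical access controls on the virtual machine itself. Restricting access to images and snapshots ensures that only authorized users can view or manipulate sensitive data, which protects both confidentiality and integrity. Options A and C focus on monitoring and reviewing access, which are reactive measures that do not prevent unauthorized access, while D reduces how many images and snapshots are created but does not control who can access the ones that exist.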