Certified Information Systems Auditor (CISA) — Question 1427

Which of the following should be reviewed FIRST when assessing the effectiveness of an organization's network security procedures and controls?

Answer options

• A. Malware defenses
• B. Inventory of authorized devices
• C. Data recovery capability
• D. Vulnerability remediation

Correct answer: B

Explanation

The inventory of authorized devices is crucial because it establishes a baseline of what is permitted on the network. Without knowing which devices are authorized, assessing the effectiveness of other security measures becomes difficult. The other options, while important, are secondary to understanding what devices are supposed to be on the network.