Certified Information Systems Auditor (CISA) — Question 594

A database administrator (DBA) should be prevented from:

Answer options

• A. accessing sensitive information.
• B. having end user responsibilities.
• C. having access to production files.
• D. using an emergency user ID.

Correct answer: A

Explanation

The correct answer is A because a DBA should not have access to sensitive information to maintain data privacy and security. Options B, C, and D may involve legitimate roles and responsibilities for a DBA, depending on the organization's policies, but accessing sensitive information poses a greater risk.