Certified Information Systems Auditor (CISA) — Question 740

When protecting mobile devices, which of the following is the PRIMARY risk mitigated by authentication controls?

Answer options

• A. Software updates
• B. Data availability and integrity
• C. Internal or external security breaches
• D. IT service failure

Correct answer: C

Explanation

Authentication controls primarily protect against unauthorized access, thereby mitigating the risk of internal or external security breaches. The other options, such as software updates, data availability and integrity, and IT service failure, do not directly relate to the function of authentication in securing mobile devices.