Certified in Risk and Information Systems Control (CRISC) — Question 1036

During a routine check, a system administrator identifies unusual activity indicating an intruder within a firewall. Which of the following controls has MOST likely been compromised?

Answer options

• A. Authentication
• B. Identification
• C. Data validation
• D. Data integrity

Correct answer: A

Explanation

The correct answer is A, as authentication mechanisms are designed to verify the identity of users accessing the system. If unusual activity is detected, it often indicates that the authentication process may have been bypassed or compromised. The other options, while important, do not directly address the identification of a user's legitimacy in accessing the system.