CISSP – Information Systems Security Management Professional (ISSMP) — Question 43
Which of the following types of activities can be audited for security? Each correct answer represents a complete solution. Choose three.
Answer options
- A. Data downloading from the Internet
- B. File and object access
- C. Network logons and logoffs
- D. Printer access
Correct answer: B, C, D
Explanation
The correct answers, B, C, and D, relate directly to activities that can be audited for security purposes. File and object access, network logons and logoffs, and printer access are all critical areas where auditing can help track security incidents. In contrast, data downloading from the Internet is not typically subject to auditing in the same way.