ExpertEasy1 markMultiple Choice
CPA · Question 52 · Area II: Security
During a security walkthrough, an auditor notices that employees are writing passwords on sticky notes attached to their monitors. Which control is failing?
During a security walkthrough, an auditor notices that employees are writing passwords on sticky notes attached to their monitors. Which control is failing?
Answer options:
A.
Password Complexity Settings
B.
Firewall Configuration
C.
Security Awareness Training
D.
Encryption
How to approach this question
Identify the human element failure.
Full Answer
C.Security Awareness Training✓ Correct
Writing passwords down is a behavioral issue addressed by training and culture (Security Awareness).
Common mistakes
Blaming the password policy (though it might be a contributing factor, the direct control failure is awareness).
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy