Pre-Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

An IS auditor discovers that a developer has used the same key to grant access...

Isaca CISA Full Course Access
Isaca CISA View All Questions

An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API). Which of the following is the BEST recommendation to address this situation?

A.

Replace the API key with time-limited tokens that grant least privilege access.

B.

Authorize the API key to allow read-only access by all applications.

C.

Implement a process to expire the API key after a previously agreed-upon period of time.

D.

Coordinate an API key rotation exercise with all impacted application owners.

CISA PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now CISA pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
An organization uses public key infrastructure (PKI) to provide email security.
The GREATEST concern for an IS auditor reviewing vulnerability assessments by the auditee would be...
Previous