An IS auditor is auditing the infrastructure of an organization that hosts critical applications withing a virtual environment.
Which of the following is MOST important for the auditor to focus on?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
As an IS auditor, auditing the infrastructure of an organization that hosts critical applications within a virtual environment, the most important aspect to focus on would be the controls in place to prevent compromise of the host. Option B is the correct answer.
Explanation:
Virtualization technology has become increasingly popular for hosting critical applications in recent times. The technology allows multiple virtual machines (VMs) to be hosted on a single physical host. As a result, it is essential to ensure that the infrastructure is secure and protected from any form of compromise.
Option A, the ability to copy and move virtual machines in real-time, may be important in terms of the flexibility it offers but is not the most crucial aspect to focus on. This is because the ability to copy and move virtual machines is a feature of virtualization and may not necessarily pose a significant security risk.
Option C, issues arising from system management of a virtual infrastructure, may be important as well, but it is not the most critical aspect. The management of a virtual infrastructure can be challenging, and there may be issues such as VM sprawl, licensing, and performance management. However, these are operational issues and may not pose a significant security risk.
Option D, qualifications of employees managing the applications, is essential in terms of ensuring that the staff has the necessary skills and expertise to manage the virtual environment. However, it is not the most crucial aspect to focus on in terms of security.
In summary, the IS auditor should focus on the controls in place to prevent compromise of the host, as this is the most critical aspect in terms of securing the virtual infrastructure hosting critical applications.