Explore the most effective control to prevent shadow IT proliferation. Understand how implementing a software allow list can limit the use of unauthorized applications.
Table of Contents
Question
Which of the following is the MOST effective control to prevent proliferation of shadow IT?
A. Implement a software allow list.
B. Conduct periodic vulnerability scanning.
C. Install a solution to detect unlicensed software.
D. Conduct software audits.
Answer
A. Implement a software allow list.
Explanation
Shadow IT refers to the use of IT systems, devices, software, applications, and services without explicit IT department approval. It has grown exponentially with the increase in the use of cloud services, mobile devices, and software as a service (SaaS).
Implementing a software allow list can effectively control the use of unauthorized software and prevent the proliferation of shadow IT. This is because an allow list only permits the installation and execution of approved software, thereby limiting the ability of users to install and use unauthorized applications.
ISACA CISM certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ISACA CISM exam and earn ISACA CISM certification.