CISA 2006年题库-725题.doc

40. In a critical server, an IS auditor discovers a Trojan horse that was produced by a known virus that exploits a vulnerability of an operating system. Which of the following should an IS auditor do FIRST?
A. Investigate the viruss author.
B. Analyze the operating system log.
C. Ensure that the malicious code is removed.
D. Install the patch that eliminates the vulnerability.
The correct answer is:C.
Explanation:The pri