What MIS security practice is required when the user leaves a computer unattended?

• A. A password is needed and the computer must be locked or logged off.
• B. Password is optional if the user is trusted.
• C. The screen saver alone is sufficient.
• D. The password can be shared with teammates.

Answer: (A)

When a workstation is left unattended, the session must be secured so no one else can access it without authentication. Requiring a password to unlock and locking or logging off the computer creates a clear barrier between the user’s data and anyone who steps away, protecting sensitive information, applications, and network credentials from unauthorized use.

A screen saver by itself isn’t enough because it may not require a password, or could be bypassed, leaving the session vulnerable. Having a password be optional based on trust undermines accountability and security, and sharing passwords with teammates defeats authentication and traceability. The strongest, most reliable practice is to require a password to unlock and to lock or log off the device when it’s unattended.