CISA Questions BUSINESS CONTINUITY AND DISASTER RECOVERY 6.1
688
Which of the following would BEST support 24/7 availability? ( A ) Daily backup ( B ) Offsite storage ( C ) Mirroring ( D ) Periodic testing
689
The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to: ( A ) achieve performance improvement. ( B ) provide user authentication. ( C ) ensure availability of data. ( D ) ensure the confidentiality of data.
690
Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be: ( A ) physically separated from the data center and not subject to the same risks. ( B ) given the same level of protection as that of the computer data center. ( C ) outsourced to a reliable third party. ( D ) equipped with surveillance capabilities.
691
If a database is restored using before‐image dumps, where should the process begin following an interruption? ( A ) Before the last transaction ( B ) After the last transaction ( C ) As the first transaction after the latest checkpoint ( D ) As the last transaction before the latest checkpoint
692
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems? ( A ) Maintaining system software parameters ( B ) Ensuring periodic dumps of transaction logs ( C ) Ensuring grandfather‐father‐son file backups ( D ) Maintaining important data at an offsite location
693
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following is necessary to restore these files? ( A ) The previous day's backup file and the current transaction tape ( B ) The previous day's transaction file and the current transaction tape ( C ) The current transaction tape and the current hard copy transaction log ( D ) The current hard copy transaction log and the previous day's transaction file
694
An offsite information processing facility: ( A ) should have the same amount of physical access restrictions as the primary processing site. ( B ) should be easily identified from the outside so that, in the event of an emergency, it can be easily found. ( C ) should be located in proximity to the originating site, so it can quickly be made operational. ( D ) need not have the same level of environmental monitoring as the originating site.
695
An IS auditor performing a review of the backup processing facilities should be MOST concerned that: ( A ) adequate fire insurance exists. ( B ) regular hardware maintenance is performed. ( C ) offsite storage of transaction and master files exists. ( D ) backup processing facilities are fully tested.
696
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist? ( A ) Reviewing program code ( B ) Reviewing operations documentation ( C ) Turning off the UPS, then the power ( D ) Reviewing program documentation
697
Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? ( A ) There are three individuals with a key to enter the area. ( B ) Paper documents are also stored in the offsite vault. ( C ) Data files that are stored in the vault are synchronized. ( D ) The offsite vault is located in a separate facility.
698
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by: ( A ) database integrity checks. ( B ) validation checks. ( C ) input controls. ( D ) database commits and rollbacks.
699
To provide protection for media backup stored at an offsite location, the storage site should be: ( A ) located on a different floor of the building. ( B ) easily accessible by everyone. ( C ) clearly labeled for emergency access. ( D ) protected from unauthorized access.
700
Which of the following ensures the availability of transactions in the event of a disaster? ( A ) Send tapes hourly containing transactions offsite. ( B ) Send tapes daily containing transactions offsite. ( C ) Capture transactions to multiple storage devices. ( D ) Transmit transactions offsite in real time.
701
IS management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend: ( A ) upgrading to a level 5 RAID. ( B ) increasing the frequency of onsite backups. ( C ) reinstating the offsite backups. ( D ) establishing a cold site in a secure location.
702
In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy? ( A ) Disaster tolerance is high. ( B ) Recovery time objective is high. ( C ) Recovery point objective is low. ( D ) Recovery point objective is high.
703
Network Data Management Protocol (NDMP) technology should be used for backup if: ( A ) a network attached storage (NAS) appliance is required. ( B ) the use of TCP/IP must be avoided. ( C ) file permissions that cannot be handled by legacy backup systems must be backed up. ( D ) backup consistency over several related data volumes must be ensured.
704
An organization currently using tape backups takes one full backup weekly and incremental backups daily. They recently augmented their tape backup procedures with a backup‐to‐disk solution. This is appropriate because: ( A ) fast synthetic backups for offsite storage are supported. ( B ) backup to disk is always significantly faster than backup to tape. ( C ) tape libraries are no longer needed. ( D ) data storage on disks is more reliable than on tapes.
705
Which of the following should be the MOST important criterion in evaluating a backup solution for sensitive data that must be retained for a long period of time due to regulatory requirements? ( A ) Full backup window ( B ) Media costs ( C ) Restore window ( D ) Media reliability
706
In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database? ( A ) Daily data backup to tape and storage at a remote site ( B ) Real‐time replication to a remote site ( C ) Hard disk mirroring to a local server ( D ) Real‐time data backup to the local storage area network (SAN)
707
Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)? ( A ) Virtual tape libraries ( B ) Disk‐based snapshots ( C ) Continuous data backup ( D ) Disk‐to‐tape backup
708
What is the BEST backup strategy for a large database with data supporting online sales? ( A ) Weekly full backup with daily incremental backup ( B ) Daily full backup ( C ) Clustered servers ( D ) Mirrored hard disks
709
NEW 2009
During an audit, an IS auditor notes that an organization's business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include: ( A ) the level of information security required when business recovery procedures are invoked. ( B ) information security roles and responsibilities in the crisis management structure. ( C ) information security resource requirements. ( D ) change management procedures for information security that could affect business continuity arrangements.
710
NEW 2009
Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly? ( A ) Backup time would steadily increase ( B ) Backup operational cost would significantly increase ( C ) Storage operational cost would significantly increase ( D ) Server recovery work may not meet the recovery time objective (RTO)
711
NEW 2009
Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)? ( A ) Minimum operating requirements ( B ) Acceptable data loss ( C ) Mean time between failures ( D ) Acceptable time for recovery
CISA Questions BUSINESS CONTINUITY AND DISASTER RECOVERY 6.2
712
A structured walk‐through test of a disaster recovery plan involves: ( A ) representatives from each of the functional areas coming together to go over the plan. ( B ) all employees who participate in the day‐to‐day operations coming together to practice executing the plan. ( C ) moving the systems to the alternate processing site and performing processing operations. ( D ) distributing copies of the plan to the various functional areas for review.
713
In a contract with a hot, warm or cold site, contractual provisions should cover which of the following considerations? ( A ) Physical security measures ( B ) Total number of subscribers ( C ) Number of subscribers permitted to use a site at one time ( D ) References by other users
714
Which of the following is the GREATEST concern when an organization's backup facility is at a warm site? ( A ) Timely availability of hardware ( B ) Availability of heat, humidity and air conditioning equipment ( C ) Adequacy of electrical power connections ( D ) Effectiveness of the telecommunications network
715
Which of the following recovery strategies is MOST appropriate for a business having multiple offices within a region and a limited recovery budget? ( A ) A hot site maintained by the business ( B ) A commercial cold site ( C ) A reciprocal arrangement between its offices ( D ) A third‐party hot site
716
The PRIMARY purpose of a business impact analysis (BIA) is to: ( A ) provide a plan for resuming operations after a disaster. ( B ) identify the events that could impact the continuity of an organization's operations. ( C ) publicize the commitment of the organization to physical and logical security. ( D ) provide the framework for an effective disaster recovery plan.
717
After implementation of a disaster recovery plan, pre‐disaster and post‐disaster operational costs for an organization will: ( A ) decrease. ( B ) not change (remain the same). ( C ) increase. ( D ) increase or decrease depending upon the nature of the business.
718
Which of the following is the MOST reasonable option for recovering a noncritical system? ( A ) Warm site ( B ) Mobile site ( C ) Hot site ( D ) Cold site
719
An organization having a number of offices across a wide geographical area has developed a disaster recovery plan. Using actual resources, which of the following is the MOST cost‐effective test of the disaster recovery plan? ( A ) Full operational test ( B ) Preparedness test ( C ) Paper test ( D ) Regression test
720
An organization's disaster recovery plan should address early recovery of: ( A ) all information systems processes. ( B ) all financial processing applications. ( C ) only those applications designated by the IS manager. ( D ) processing in priority order, as defined by business management.
721
An advantage of the use of hot sites as a backup alternative is that: ( A ) the costs associated with hot sites are low. ( B ) hot sites can be used for an extended amount of time. ( C ) hot sites can be made ready for operation within a short period of time. ( D ) they do not require that equipment and systems software be compatible with the primary site.
722
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? ( A ) Invite client participation. ( B ) Involve all technical staff. ( C ) Rotate recovery managers. ( D ) Install locally‐stored backup.
723
Disaster recovery planning (DRP) addresses the: ( A ) technological aspect of business continuity planning. ( B ) operational piece of business continuity planning. ( C ) functional aspect of business continuity planning. ( D ) overall coordination of business continuity planning.
724
An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
• The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
• The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting their attention.
• The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The IS auditor's report should recommend that: ( A ) the deputy CEO be censured for their failure to approve the plan. ( B ) a board of senior managers is set up to review the existing plan. ( C ) the existing plan is approved and circulated to all key management and staff. ( D ) a manager coordinates the creation of a new or revised plan within a defined time limit.
725
An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
• The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
• The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his/her attention.
• The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical, hardware configuration is already established. An IS auditor should: ( A ) take no action as the lack of a current plan is the only significant finding. ( B ) recommend that the hardware configuration at each site is identical. ( C ) perform a review to verify that the second configuration can support live processing. ( D ) report that the financial expenditure on the alternative site is wasted without an effective plan.
726
Disaster recovery planning (DRP) for a company's computer system usually focuses on: ( A ) operations turnover procedures. ( B ) strategic long‐range planning. ( C ) the probability that a disaster will occur. ( D ) alternative procedures to process transactions.
727
The MAIN purpose for periodically testing offsite facilities is to: ( A ) protect the integrity of the data in the database. ( B ) eliminate the need to develop detailed contingency plans. ( C ) ensure the continued compatibility of the contingency facilities. ( D ) ensure that program and system documentation remains current.
728
A large chain of shops with electronic funds transfer (EFT) at point‐of‐sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? ( A ) Offsite storage of daily backups ( B ) Alternative standby processor onsite ( C ) Installation of duplex communication links ( D ) Alternative standby processor at another network node
729
Facilitating telecommunications continuity by providing redundant combinations of local carrier T‐1 lines, microwaves and/or coaxial cables to access the local communication loop is: ( A ) last‐mile circuit protection. ( B ) long‐haul network diversity. ( C ) diverse routing. ( D ) alternative routing.
730
Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies? ( A ) Developments may result in hardware and software incompatibility. ( B ) Resources may not be available when needed. ( C ) The recovery plan cannot be tested. ( D ) The security infrastructures in each company may be different.
731
Which of the following would BEST ensure continuity of a wide area network (WAN) across the organization? ( A ) Built‐in alternative routing ( B ) Completing full system backup daily ( C ) A repair contract with a service provider ( D ) A duplicate machine alongside each server
732
An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is: ( A ) tested every six months. ( B ) regularly reviewed and updated. ( C ) approved by the chief executive officer (CEO). ( D ) communicated to every department head in the organization.
733
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is called: ( A ) alternative routing. ( B ) diverse routing. ( C ) long‐haul network diversity. ( D ) last‐mile circuit protection.
734
The responsibilities of a disaster recovery relocation team include: ( A ) obtaining, packaging and shipping media and records to the recovery facilities, as well as establishing and overseeing an offsite storage schedule. ( B ) locating a recovery site, if one has not been predetermined, and coordinating the transport of company employees to the recovery site. ( C ) managing the relocation project and conducting a more detailed assessment of the damage to the facilities and equipment. ( D ) coordinating the process of moving from the hot site to a new location or to the restored original location.
735
While reviewing the business continuity plan of an organization, an IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate? ( A ) Deterrence ( B ) Mitigation ( C ) Recovery ( D ) Response
736
Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? ( A ) The alternate facility will be available until the original information processing facility is restored. ( B ) User management is involved in the identification of critical systems and their associated critical recovery times. ( C ) Copies of the plan are kept at the homes of key decision‐making personnel. ( D ) Feedback is provided to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
737
Which of the following must exist to ensure the viability of a duplicate information processing facility? ( A ) The site is near the primary site to ensure quick and efficient recovery. ( B ) The site contains the most advanced hardware available. ( C ) The workload of the primary site is monitored to ensure adequate backup is available. ( D ) The hardware is tested when it is installed to ensure it is working properly.
738
An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a: ( A ) cold site. ( B ) warm site. ( C ) dial‐up site. ( D ) duplicate processing facility.
739
A disaster recovery plan for an organization should: ( A ) reduce the length of the recovery time and the cost of recovery. ( B ) increase the length of the recovery time and the cost of recovery. ( C ) reduce the duration of the recovery time and increase the cost of recovery. ( D ) affect neither the recovery time nor the cost of recovery.
740
A disaster recovery plan for an organization's financial system specifies that the recovery point objective (RPO) is no data loss and the recovery time objective (RTO) is 72 hours. Which of the following is the MOST cost‐effective solution? ( A ) A hot site that can be operational in eight hours with asynchronous backup of the transaction logs ( B ) Distributed database systems in multiple locations updated asynchronously ( C ) Synchronous updates of the data and standby active systems in a hot site ( D ) Synchronous remote copy of the data in a warm site that can be operational in 48 hours
741
A financial institution that processes millions of transactions each day has a central communications processor (switch) for connecting to automated teller machines (ATMs). Which of the following would be the BEST contingency plan for the communications processor? ( A ) Reciprocal agreement with another organization ( B ) Alternate processor in the same location ( C ) Alternate processor at another network node ( D ) Installation of duplex communication links
742
The cost of ongoing operations when a disaster recovery plan is in place, compared to not having a disaster recovery plan, will MOST likely: ( A ) increase. ( B ) decrease. ( C ) remain the same. ( D ) be unpredictable.
743
Which of the following tasks should be performed FIRST when preparing a disaster recovery plan? ( A ) Develop a recovery strategy. ( B ) Perform a business impact analysis. ( C ) Map software systems, hardware and network components. ( D ) Appoint recovery teams with defined personnel, roles and hierarchy.
744
Which of the following provides the BEST evidence of an organization's disaster recovery readiness? ( A ) A disaster recovery plan ( B ) Customer references for the alternate site provider ( C ) Processes for maintaining the disaster recovery plan ( D ) Results of tests and drills
745
Which of the following is the BEST method for determining the criticality of each application system in the production environment? ( A ) Interview the application programmers. ( B ) Perform a gap analysis. ( C ) Review the most recent application audits. ( D ) Perform a business impact analysis.
746
A hot site should be implemented as a recovery strategy when the: ( A ) disaster tolerance is low. ( B ) recovery point objective (RPO) is high. ( C ) recovery time objective (RTO) is high. ( D ) disaster tolerance is high.
747
An organization has implemented a disaster recovery plan. Which of the following steps should be carried out next? ( A ) Obtain senior management sponsorship. ( B ) Identify business needs. ( C ) Conduct a paper test. ( D ) Perform a system restore test.
748
When auditing a disaster recovery plan for a critical business area, an IS auditor finds that it does not cover all the systems. Which of the following is the MOST appropriate action for the IS auditor? ( A ) Alert management and evaluate the impact of not covering all systems. ( B ) Cancel the audit. ( C ) Complete the audit of the systems covered by the existing disaster recovery plan. ( D ) Postpone the audit until the systems are added to the disaster recovery plan.
749
Which of the following should be of MOST concern to an IS auditor reviewing the BCP? ( A ) The disaster levels are based on scopes of damaged functions, but not on duration. ( B ) The difference between low‐level disaster and software incidents is not clear. ( C ) The overall BCP is documented, but detailed recovery steps are not specified. ( D ) The responsibility for declaring a disaster is not identified.
750
Of the following alternatives, the FIRST approach to developing a disaster recovery strategy would be to assess whether: ( A ) all threats can be completely removed. ( B ) a cost‐effective, built‐in resilience can be implemented. ( C ) the recovery time objective can be optimized. ( D ) the cost of recovery can be minimized.
751
An organization has a number of branches across a wide geographical area. To ensure that all aspects of the disaster recovery plan are evaluated in a cost effective manner, an IS auditor should recommend the use of a: ( A ) data recovery test. ( B ) full operational test. ( C ) posttest. ( D ) preparedness test.
752
If the recovery time objective (RTO) increases: ( A ) the disaster tolerance increases. ( B ) the cost of recovery increases. ( C ) a cold site cannot be used. ( D ) the data backup frequency increases.
753
Due to changes in IT, the disaster recovery plan of a large organization has been changed. What is the PRIMARY risk if the new plan is not tested? ( A ) Catastrophic service interruption ( B ) High consumption of resources ( C ) Total cost of the recovery may not be minimized ( D ) Users and recovery teams may face severe difficulties when activating the plan
754
When developing a disaster recovery plan, the criteria for determining the acceptable downtime should be the: ( A ) annualized loss expectancy (ALE). ( B ) service delivery objective. ( C ) quantity of orphan data. ( D ) maximum tolerable outage.
755
A lower recovery time objective (RTO) results in: ( A ) higher disaster tolerance. ( B ) higher cost. ( C ) wider interruption windows. ( D ) more permissive data loss.
756
Regarding a disaster recovery plan, the role of an IS auditor should include: ( A ) identifying critical applications. ( B ) determining the external service providers involved in a recovery test. ( C ) observing the tests of the disaster recovery plan. ( D ) determining the criteria for establishing a recovery time objective (RTO).
757
NEW 2009
During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site's server is slow. To find the root cause of this, the IS auditor should FIRST review the: ( A ) event error log generated at the disaster recovery site. ( B ) disaster recovery test plan. ( C ) disaster recovery plan (DRP). ( D ) configurations and alignment of the primary and disaster recovery sites.
758
NEW 2009
An organization has a recovery time objective (RTO) equal to zero and a recovery point objective (RPO) close to 1 minute for a critical system. This implies that the system can tolerate: ( A ) a data loss of up to 1 minute, but the processing must be continuous. ( B ) a 1‐minute processing interruption but cannot tolerate any data loss. ( C ) a processing interruption of 1 minute or more. ( D ) both a data loss and a processing interruption longer than 1 minute.
759
NEW 2009
Which of the following issues should be the GREATEST concern to the IS auditor when reviewing an IT disaster recovery test? ( A ) Due to the limited test time window, only the most essential systems were tested. The other systems were tested separately during the rest of the year. ( B ) During the test it was noticed that some of the backup systems were defective or not working, causing the test of these systems to fail. ( C ) The procedures to shut down and secure the original production site before starting the backup site required far more time than planned. ( D ) Every year, the same employees perform the test. The recovery plan documents are not used since every step is well known by all participants.
760
NEW 2009
The frequent updating of which of the following is key to the continued effectiveness of a disaster recovery plan (DRP)? ( A ) Contact information of key personnel ( B ) Server inventory documentation ( C ) Individual roles and responsibilities ( D ) Procedures for declaring a disaster
761
NEW 2009
A live test of a mutual agreement for IT system recovery has been carried out, including a four‐hour test of intensive usage by the business units. The test has been successful, but gives only partial assurance that the: ( A ) system and the IT operations team can sustain operations in the emergency environment. ( B ) resources and the environment could sustain the transaction load. ( C ) connectivity to the applications at the remote site meets response time requirements. ( D ) workflow of actual business operations can use the emergency system in case of a disaster.
762
NEW 2009
To address an organization's disaster recovery requirements, backup intervals should not exceed the: ( A ) service level objective (SLO). ( B ) recovery time objective (RTO). ( C ) recovery point objective (RPO). ( D ) maximum acceptable outage (MAO).
CISA Questions BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
763
Which of the following would have the HIGHEST priority in a business continuity plan (BCP)? ( A ) Resuming critical processes ( B ) Recovering sensitive processes ( C ) Restoring the site ( D ) Relocating operations to an alternative site
764
After completing the business impact analysis (BIA), what is the next step in the business continuity planning process? ( A ) Test and maintain the plan. ( B ) Develop a specific plan. ( C ) Develop recovery strategies. ( D ) Implement the plan.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
765
Which of the following is an appropriate test method to apply to a business continuity plan (BCP)? ( A ) Pilot ( B ) Paper ( C ) Unit ( D ) System
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
766
An IS auditor has audited a business continuity plan (BCP). Which of the following findings is the MOST critical? ( A ) Nonavailability of an alternate private branch exchange (PBX) system ( B ) Absence of a backup for the network backbone ( C ) Lack of backup systems for the users' PCs ( D ) Failure of the access card system
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
767
As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis? ( A ) Organizational risks, such as single point‐of‐failure and infrastructure risk ( B ) Threats to critical business processes ( C ) Critical business processes for ascertaining the priority for recovery ( D ) Resources required for resumption of business
768
Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility? ( A ) Verify compatibility with the hot site. ( B ) Review the implementation report. ( C ) Perform a walk‐through of the disaster recovery plan. ( D ) Update the IS assets inventory.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
769
Which of the following would contribute MOST to an effective business continuity plan (BCP)? ( A ) Document is circulated to all interested parties ( B ) Planning involves all user departments ( C ) Approval by senior management ( D ) Audit by an external IS auditor
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
770
To develop a successful business continuity plan, end user involvement is critical during which of the following phases? ( A ) Business recovery strategy ( B ) Detailed plan development ( C ) Business impact analysis (BIA) ( D ) Testing and maintenance
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
771
Which of the following would an IS auditor consider to be the MOST important to review when conducting a business continuity audit? ( A ) A hot site is contracted for and available as needed. ( B ) A business continuity manual is available and current. ( C ) Insurance coverage is adequate and premiums are current. ( D ) Media backups are performed on a timely basis and stored offsite.
772
The PRIMARY objective of business continuity and disaster recovery plans should be to: ( A ) safeguard critical IS assets. ( B ) provide for continuity of operations. ( C ) minimize the loss to an organization. ( D ) protect human life.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
773
After a full operational contingency test, an IS auditor performs a review of the recovery steps. The auditor concludes that the time it took for the technological environment and systems to return to full‐functioning exceeded the required critical recovery time. Which of the following should the auditor recommend? ( A ) Perform an integral review of the recovery tasks. ( B ) Broaden the processing capacity to gain recovery time. ( C ) Make improvements in the facility's circulation structure. ( D ) Increase the amount of human resources involved in the recovery.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
774
Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost‐effectively obtain evidence about the plan's effectiveness? ( A ) Paper test ( B ) Post test ( C ) Preparedness test ( D ) Walkthrough
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
775
While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be: ( A ) shadow file processing. ( B ) electronic vaulting. ( C ) hard‐disk mirroring. ( D ) hot‐site provisioning.
776
Depending on the complexity of an organization's business continuity plan (BCP), the plan may be developed as a set of more than one plan to address various aspects of business continuity and disaster recovery. In such an environment, it is essential that: ( A ) each plan is consistent with one another. ( B ) all plans are integrated into a single plan. ( C ) each plan is dependent on one another. ( D ) the sequence for implementation of all plans is defined.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
777
During a business continuity audit an IS auditor found that the business continuity plan (BCP) covered only critical processes. The IS auditor should: ( A ) recommend that the BCP cover all business processes. ( B ) assess the impact of the processes not covered. ( C ) report the findings to the IT manager. ( D ) redefine critical processes.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
778
An IS auditor noted that an organization had adequate business continuity plans (BCPs) for each individual process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor? ( A ) Recommend that an additional comprehensive BCP be developed. ( B ) Determine whether the BCPs are consistent. ( C ) Accept the BCPs as written. ( D ) Recommend the creation of a single BCP.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
779
When developing a business continuity plan (BCP), which of the following tools should be used to gain an understanding of the organization's business processes? ( A ) Business continuity self‐audit ( B ) Resource recovery analysis ( C ) Risk assessment ( D ) Gap analysis
780
During an audit of a business continuity plan (BCP), an IS auditor found that, although all departments were housed in the same building, each department had a separate BCP. The IS auditor recommended that the BCPs be reconciled. Which of the following areas should be reconciled FIRST? ( A ) Evacuation plan ( B ) Recovery priorities ( C ) Backup storages ( D ) Call tree
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
781
Management considered two projections for its business continuity plan; plan A with two months to recover and plan B with eight months to recover. The recovery objectives are the same in both plans. It is reasonable to expect that plan B projected higher: ( A ) downtime costs. ( B ) resumption costs. ( C ) recovery costs. ( D ) walkthrough costs.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
782
The optimum business continuity strategy for an entity is determined by the: ( A ) lowest downtime cost and highest recovery cost. ( B ) lowest sum of downtime cost and recovery cost. ( C ) lowest recovery cost and highest downtime cost. ( D ) average of the combined downtime and recovery cost.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
783
The PRIMARY objective of testing a business continuity plan is to: ( A ) familiarize employees with the business continuity plan. ( B ) ensure that all residual risks are addressed. ( C ) exercise all possible disaster scenarios. ( D ) identify limitations of the business continuity plan.
784
In determining the acceptable time period for the resumption of critical business processes: ( A ) only downtime costs need to be considered. ( B ) recovery operations should be analyzed. ( C ) both downtime costs and recovery costs need to be evaluated. ( D ) indirect downtime costs should be ignored.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
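The questions above on backup intervals versus the recovery point objective (762), on the downtime cost of a slower plan (781), on the optimum strategy being the lowest sum of downtime cost and recovery cost (782) and on evaluating both cost types when fixing the acceptable resumption time (784) all rest on one small cost model. The following Python block is an added worked example of that model; it is not part of the CISA question bank, and every figure in it (hourly loss, strategy costs, achievable recovery times, incident frequency) is a constructed assumption rather than data from the page.

```python
"""Added worked example, not part of the CISA question bank: a small cost
model behind questions 762 (backup interval versus RPO), 781/782 (downtime
cost versus recovery cost) and 784 (acceptable resumption time). Every
figure below is constructed for illustration; the hourly loss, strategy
costs and achievable recovery times are assumptions, not data from the page.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Strategy:
    """A candidate recovery option and what it can deliver."""
    name: str
    recovery_hours: float          # time to resume the process with this option
    annual_cost: float             # yearly cost of the option (contracts, hardware, replication)
    backup_interval_hours: float   # how often data reaches the recovery site


@dataclass(frozen=True)
class Process:
    """A business process with the objectives produced by the BIA."""
    name: str
    rto_hours: float               # recovery time objective (maximum acceptable outage)
    rpo_hours: float               # recovery point objective (maximum acceptable data loss)
    downtime_cost_per_hour: float  # direct and indirect losses per hour of outage
    incidents_per_year: float      # expected frequency of an outage that invokes the plan


def backup_interval_ok(strategy: Strategy, process: Process) -> bool:
    """Question 762: the backup interval must not exceed the RPO, otherwise the
    data lost at the point of failure can be older than the business tolerates."""
    return strategy.backup_interval_hours <= process.rpo_hours


def meets_rto(strategy: Strategy, process: Process) -> bool:
    """The option must bring the process back within its RTO."""
    return strategy.recovery_hours <= process.rto_hours


def expected_downtime_cost(strategy: Strategy, process: Process) -> float:
    """Yearly expected downtime cost: the longer the recovery, the higher it is
    (question 781: an eight-month plan costs more in downtime than a two-month one)."""
    return strategy.recovery_hours * process.downtime_cost_per_hour * process.incidents_per_year


def total_cost(strategy: Strategy, process: Process) -> float:
    """Question 782: the figure to minimise is downtime cost plus recovery cost."""
    return expected_downtime_cost(strategy, process) + strategy.annual_cost


def strategy_report(process: Process, candidates: List[Strategy]) -> List[Tuple[str, bool, float]]:
    """(name, feasible, total yearly cost) for every candidate, cheapest first."""
    rows = [(s.name, meets_rto(s, process) and backup_interval_ok(s, process), total_cost(s, process))
            for s in candidates]
    return sorted(rows, key=lambda r: r[2])


def select_strategy(process: Process, candidates: List[Strategy]) -> Optional[Strategy]:
    """Cheapest option among those that satisfy both the RTO and the RPO.
    Returns None when no candidate is feasible: the objectives or the candidate
    list must then change, the cheapest infeasible option is never chosen."""
    feasible = [s for s in candidates if meets_rto(s, process) and backup_interval_ok(s, process)]
    if not feasible:
        return None
    return min(feasible, key=lambda s: total_cost(s, process))


# Constructed sample data (assumptions for the example, not figures from the page).
ORDER_ENTRY = Process("order entry", rto_hours=24, rpo_hours=4,
                      downtime_cost_per_hour=5_000, incidents_per_year=0.25)

COLD_SITE = Strategy("cold site", recovery_hours=168, annual_cost=20_000, backup_interval_hours=24)
WARM_SITE = Strategy("warm site", recovery_hours=12, annual_cost=80_000, backup_interval_hours=4)
HOT_SITE = Strategy("hot site", recovery_hours=1, annual_cost=250_000, backup_interval_hours=0.25)
MIRRORED = Strategy("mirrored cluster", recovery_hours=0, annual_cost=400_000, backup_interval_hours=0)
CANDIDATES = [COLD_SITE, WARM_SITE, HOT_SITE, MIRRORED]


if __name__ == "__main__":
    for name, feasible, cost in strategy_report(ORDER_ENTRY, CANDIDATES):
        print(f"{name:17s} feasible={feasible!s:5s} total/yr={cost:>10,.0f}")
    chosen = select_strategy(ORDER_ENTRY, CANDIDATES)
    print("chosen:", chosen.name if chosen else "none feasible; revisit the RTO/RPO or the candidates")
```

With the constructed figures the cold site is the cheapest to maintain but fails both the RTO and the RPO, and its expected downtime cost is the highest of all options; the warm site wins because its combined downtime and recovery cost is lowest, even though the hot site and the mirrored cluster recover faster. That is the point of questions 781, 782 and 784: neither cost alone decides the strategy.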
785
In the event of a disruption or disaster, which of the following technologies provides for continuous operations? ( A ) Load balancing ( B ) Fault‐tolerant hardware ( C ) Distributed backups ( D ) High‐availability computing
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
786
Which of the following would be MOST important for an IS auditor to verify when conducting a business continuity audit? ( A ) Data backups are performed on a timely basis ( B ) A recovery site is contracted for and available as needed ( C ) Human safety procedures are in place ( D ) Insurance coverage is adequate and premiums are current
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
787
Which of the following insurance types provide for a loss arising from fraudulent acts by employees? ( A ) Business interruption ( B ) Fidelity coverage ( C ) Errors and omissions ( D ) Extra expense
788
The BEST method for assessing the effectiveness of a business continuity plan is to review the: ( A ) plans and compare them to appropriate standards. ( B ) results from previous tests. ( C ) emergency procedures and employee training. ( D ) offsite storage and environmental controls.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
789
With respect to business continuity strategies, an IS auditor interviews key stakeholders in an organization to determine whether they understand their roles and responsibilities. The IS auditor is attempting to evaluate the: ( A ) clarity and simplicity of the business continuity plans. ( B ) adequacy of the business continuity plans. ( C ) effectiveness of the business continuity plans. ( D ) ability of IS and end‐user personnel to respond effectively in emergencies.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
790
During the design of a business continuity plan, the business impact analysis (BIA) identifies critical processes and supporting applications. This will PRIMARILY influence the: ( A ) responsibility for maintaining the business continuity plan. ( B ) criteria for selecting a recovery site provider. ( C ) recovery strategy. ( D ) responsibilities of key personnel.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
791
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that: ( A ) assessment of the situation may be delayed. ( B ) execution of the disaster recovery plan could be impacted. ( C ) notification of the teams might not occur. ( D ) potential crisis recognition might be ineffective.
792
An organization has just completed their annual risk assessment. Regarding the business continuity plan, what should an IS auditor recommend as the next step for the organization? ( A ) Review and evaluate the business continuity plan for adequacy ( B ) Perform a full simulation of the business continuity plan ( C ) Train and educate employees regarding the business continuity plan ( D ) Notify critical contacts in the business continuity plan
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
793
Integrating business continuity planning (BCP) into an IT project aids in: ( A ) the retrofitting of the business continuity requirements. ( B ) the development of a more comprehensive set of requirements. ( C ) the development of a transaction flowchart. ( D ) ensuring the application meets the user's needs.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
794
While observing a full simulation of the business continuity plan, an IS auditor notices that the notification systems within the organizational facilities could be severely impacted by infrastructural damage. The BEST recommendation the IS auditor can provide to the organization is to ensure: ( A ) the salvage team is trained to use the notification system. ( B ) the notification system provides for the recovery of the backup. ( C ) redundancies are built into the notification system. ( D ) the notification systems are stored in a vault.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
795
The activation of an enterprise's business continuity plan should be based on predetermined criteria that address the: ( A ) duration of the outage. ( B ) type of outage. ( C ) probability of the outage. ( D ) cause of the outage.
796
NEW 2009
An organization has outsourced its wide area network (WAN) to a third‐party service provider. Under these circumstances, which of the following is the PRIMARY task the IS auditor should perform during an audit of business continuity (BCP) and disaster recovery planning (DRP)? ( A ) Review whether the service provider's BCP process is aligned with the organization's BCP and contractual obligations. ( B ) Review whether the service level agreement (SLA) contains a penalty clause in case of failure to meet the level of service in case of a disaster. ( C ) Review the methodology adopted by the organization in choosing the service provider. ( D ) Review the accreditation of the third‐party service provider's staff.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
797
NEW 2009
An IS auditor can verify that an organization's business continuity plan (BCP) is effective by reviewing the: ( A ) alignment of the BCP with industry best practices. ( B ) results of business continuity tests performed by IS and end‐user personnel. ( C ) off‐site facility, its contents, security and environmental controls. ( D ) annual financial cost of the BCP activities versus the expected benefit of implementation of the plan.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
798
NEW 2009
To optimize an organization's business contingency plan (BCP), an IS auditor should recommend conducting a business impact analysis (BIA) in order to determine: ( A ) the business processes that generate the most financial value for the organization and therefore must be recovered first. ( B ) the priorities and order for recovery to ensure alignment with the organization's business strategy. ( C ) the business processes that must be recovered following a disaster to ensure the organization's survival. ( D ) the priorities and order of recovery which will recover the greatest number of systems in the shortest time frame.
799
NEW 2009
A financial services organization is developing and documenting business continuity measures. In which of the following cases would an IS auditor MOST likely raise an issue? ( A ) The organization uses good practice guidelines instead of industry standards and relies on external advisors to ensure the adequacy of the methodology. ( B ) The business continuity capabilities are planned around a carefully selected set of scenarios which describe events that might happen with a reasonable probability. ( C ) The recovery time objectives (RTOs) do not take IT disaster recovery constraints into account, such as personnel or system dependencies during the recovery phase. ( D ) The organization plans to rent a shared alternate site with emergency workplaces which has only enough room for half of the normal staff.
BUSINESS CONTINUITY AND DISASTER RECOVERY 6.3
800
NEW 2009
A medium‐sized organization, whose IT disaster recovery measures have been in place and regularly tested for years, has just developed a formal business continuity plan (BCP). A basic BCP tabletop exercise has been performed successfully. Which testing should an IS auditor recommend be performed NEXT to verify the adequacy of the new BCP? ( A ) Full‐scale test with relocation of all departments, including IT, to the contingency site ( B ) Walk‐through test of a series of predefined scenarios with all critical personnel involved ( C ) IT disaster recovery test with business departments involved in testing the critical applications ( D ) Functional test of a scenario with limited IT involvement
When reviewing the desktop software compliance of an organization the IS auditor should be most concerned if the installed software?
Answer: if the installed software is not listed in the approved software standards document.
What is the most important part of a disaster recovery plan?
Standardized communication. One of the most critical components of a disaster recovery plan is an up-to-date communication strategy. An outdated list of staff phone numbers is a recipe for disaster that knows no bounds, especially while trying to use a free conferencing service.
How do you review a disaster recovery plan?
Four steps for a successful disaster recovery plan review:
1. Check your backups. Backups are a 100% essential part of ensuring business continuity. ...
2. Understand new threats to your business. 2020 unlocked a lot of Pandora's boxes for leaders. ...
3. Follow up with resources in your plan. ...
4. Confirm details with any existing IT support.
Which of the following is the most important reason to classify a disaster recovery plan DRP as confidential?
Answer: to reduce the risk of information leakage. A DRP contains details an attacker would value, such as recovery site locations, system and network configurations and contact information for key personnel, so its disclosure must be controlled. Protecting the plan from unauthorized alteration is an integrity requirement, addressed by change control and access restriction rather than by a confidentiality classification.