CISA Questions Business Continuity and Disaster Recovery

CISAQuestions
BUSINESSCONTINUITYANDDISASTERRECOVERY6.1
688
WhichofthefollowingwouldBESTsupport24/7availability?
(A) Dailybackup
(B) Offsitestorage
(C) Mirroring
(D) Periodictesting
689
ThePRIMARYpurposeofimplementingRedundantArrayofInexpensiveDisks(RAID)
level1inafileserveristo:
(A) achieveperformanceimprovement.
(B) provideuserauthentication.
(C) ensureavailabilityofdata.
(D) ensuretheconfidentialityofdata.
690
WhichofthefollowingistheMOSTimportantcriterionwhenselectingalocationforan
offsitestoragefacilityforISbackupfiles?Theoffsitefacilitymustbe:
(A) physicallyseparatedfromthedatacenterandnotsubjecttothesamerisks.
(B) giventhesamelevelofprotectionasthatofthecomputerdatacenter.
(C) outsourcedtoareliablethirdparty.
(D) equippedwithsurveillancecapabilities.
691
Ifadatabaseisrestoredusingbeforeimagedumps,whereshouldtheprocessbegin
followinganinterruption?
(A) Beforethelasttransaction
(B) Afterthelasttransaction
(C) Asthefirsttransactionafterthelatestcheckpoint
(D) Asthelasttransactionbeforethelatestcheckpoint
CISAQuestions
692
Inadditiontothebackupconsiderationsforallsystems,whichofthefollowingisan
importantconsiderationinprovidingbackupforonlinesystems?
(A) Maintainingsystemsoftwareparameters
(B) Ensuringperiodicdumpsoftransactionlogs
(C) Ensuringgrandfatherfathersonfilebackups
(D) Maintainingimportantdataatanoffsitelocation
693
Asupdatestoanonlineorderentrysystemareprocessed,theupdatesarerecordedona
transactiontapeandahardcopytransactionlog.Attheendoftheday,theorderentry
filesarebackedupontape.Duringthebackupprocedure,adrivemalfunctionsandthe
orderentryfilesarelost.Whichofthefollowingisnecessarytorestorethesefiles?
(A) Thepreviousday'sbackupfileandthecurrenttransactiontape
(B) Thepreviousday'stransactionfileandthecurrenttransactiontape
(C) Thecurrenttransactiontapeandthecurrenthardcopytransactionlog
(D) Thecurrenthardcopytransactionlogandthepreviousday'stransactionfile
694
Anoffsiteinformationprocessingfacility:
(A) shouldhavethesameamountofphysicalaccessrestrictionsastheprimary
processingsite.
(B) shouldbeeasilyidentifiedfromtheoutsidesothat,intheeventofanemergency,
itcanbeeasilyfound.
(C) shouldbelocatedinproximitytotheoriginatingsite,soitcanquicklybemade
operational.
(D) neednothavethesamelevelofenvironmentalmonitoringastheoriginatingsite.
695
AnISauditorperformingareviewofthebackupprocessingfacilitiesshouldbeMOST
concernedthat:
(A) adequatefireinsuranceexists.
(B) regularhardwaremaintenanceisperformed.
(C) offsitestorageoftransactionandmasterfilesexists.
(D) backupprocessingfacilitiesarefullytested.
CISAQuestions
696
WhichofthefollowingprocedureswouldBESTdeterminewhetheradequate
recovery/restartproceduresexist?
(A) Reviewingprogramcode
(B) Reviewingoperationsdocumentation
(C) TurningofftheUPS,thenthepower
(D) Reviewingprogramdocumentation
697
WhichofthefollowingfindingsshouldanISauditorbeMOSTconcernedaboutwhen
performinganauditofbackupandrecoveryandtheoffsitestoragevault?
(A) Therearethreeindividualswithakeytoenterthearea.
(B) Paperdocumentsarealsostoredintheoffsitevault.
(C) Datafilesthatarestoredinthevaultaresynchronized.
(D) Theoffsitevaultislocatedinaseparatefacility.
698
Onlinebankingtransactionsarebeingpostedtothedatabasewhenprocessingsuddenly
comestoahalt.TheintegrityofthetransactionprocessingisBESTensuredby:
(A) databaseintegritychecks.
(B) validationchecks.
(C) inputcontrols.
(D) databasecommitsandrollbacks.
699
Toprovideprotectionformediabackupstoredatanoffsitelocation,thestoragesite
shouldbe:
(A) locatedonadifferentfloorofthebuilding.
(B) easilyaccessiblebyeveryone.
(C) clearlylabeledforemergencyaccess.
(D) protectedfromunauthorizedaccess.
CISAQuestions
700
Whichofthefollowingensurestheavailabilityoftransactionsintheeventofadisaster?
(A) Sendtapeshourlycontainingtransactionsoffsite.
(B) Sendtapesdailycontainingtransactionsoffsite.
(C) Capturetransactionstomultiplestoragedevices.
(D) Transmittransactionsoffsiteinrealtime.
701
ISmanagementhasdecidedtoinstallalevel1RedundantArrayofInexpensiveDisks
(RAID)systeminallserverstocompensatefortheeliminationofoffsitebackups.TheIS
auditorshouldrecommend:
(A) upgradingtoalevel5RAID.
(B) increasingthefrequencyofonsitebackups.
(C) reinstatingtheoffsitebackups.
(D) establishingacoldsiteinasecurelocation.
702
InwhichofthefollowingsituationsisitMOSTappropriatetoimplementdatamirroring
astherecoverystrategy?
(A) Disastertoleranceishigh.
(B) Recoverytimeobjectiveishigh.
(C) Recoverypointobjectiveislow.
(D) Recoverypointobjectiveishigh.
703
NetworkDataManagementProtocol(NDMP)technologyshouldbeusedforbackupif:
(A) anetworkattachedstorage(NAS)applianceisrequired.
(B) theuseofTCP/IPmustbeavoided.
(C) filepermissionsthatcannotbehandledbylegacybackupsystemsmustbe
backedup.
(D) backupconsistencyoverseveralrelateddatavolumesmustbeensured.
CISAQuestions
704
Anorganizationcurrentlyusingtapebackupstakesonefullbackupweeklyand
incrementalbackupsdaily.Theyrecentlyaugmentedtheirtapebackupprocedureswitha
backuptodisksolution.Thisisappropriatebecause:
(A) fastsyntheticbackupsforoffsitestoragearesupported.
(B) backuptodiskisalwayssignificantlyfasterthanbackuptotape.
(C) tapelibrariesarenolongerneeded.
(D) datastorageondisksismorereliablethanontapes.
705
WhichofthefollowingshouldbetheMOSTimportantcriterioninevaluatingabackup
solutionforsensitivedatathatmustberetainedforalongperiodoftimedueto
regulatoryrequirements?
(A) Fullbackupwindow
(B) Mediacosts
(C) Restorewindow
(D) Mediareliability
706
Intheeventofadatacenterdisaster,whichofthefollowingwouldbetheMOST
appropriatestrategytoenableacompleterecoveryofacriticaldatabase?
(A) Dailydatabackuptotapeandstorageataremotesite
(B) Realtimereplicationtoaremotesite
(C) Harddiskmirroringtoalocalserver
(D) Realtimedatabackuptothelocalstorageareanetwork(SAN)
707
WhichofthefollowingbackuptechniquesistheMOSTappropriatewhenanorganization
requiresextremelygranulardatarestorepoints,asdefinedintherecoverypoint
objective(RPO)?
(A) Virtualtapelibraries
(B) Diskbasedsnapshots
(C) Continuousdatabackup
(D) Disktotapebackup
CISAQuestions
708
WhatistheBESTbackupstrategyforalargedatabasewithdatasupportingonlinesales?
(A) Weeklyfullbackupwithdailyincrementalbackup
(B) Dailyfullbackup
(C) Clusteredservers
(D) Mirroredharddisks
709
NEW2009
Duringanaudit,anISauditornotesthatanorganization'sbusinesscontinuityplan(BCP)
doesnotadequatelyaddressinformationconfidentialityduringarecoveryprocess.TheIS
auditorshouldrecommendthattheplanbemodifiedtoinclude:
(A) thelevelofinformationsecurityrequiredwhenbusinessrecoveryproceduresare
invoked.
(B) informationsecurityrolesandresponsibilitiesinthecrisismanagementstructure.
(C) informationsecurityresourcerequirements.
(D) changemanagementproceduresforinformationsecuritythatcouldaffect
businesscontinuityarrangements.
710
NEW2009
WhichofthefollowingistheGREATESTriskwhenstoragegrowthinacriticalfileserveris
notmanagedproperly?
(A) Backuptimewouldsteadilyincrease
(B) Backupoperationalcostwouldsignificantlyincrease
(C) Storageoperationalcostwouldsignificantlyincrease
(D) Serverrecoveryworkmaynotmeettherecoverytimeobjective(RTO)
711
NEW2009
WhichofthefollowingistheMOSTimportantconsiderationwhendefiningrecovery
pointobjectives(RPOs)?
(A) Minimumoperatingrequirements
(B) Acceptabledataloss
(C) Meantimebetweenfailures
(D) Acceptabletimeforrecovery
CISAQuestions
712
Astructuredwalkthroughtestofadisasterrecoveryplaninvolves:
(A) representativesfromeachofthefunctionalareascomingtogethertogooverthe
plan.
(B) allemployeeswhoparticipateinthedaytodayoperationscomingtogetherto
practiceexecutingtheplan.
(C) movingthesystemstothealternateprocessingsiteandperformingprocessing
operations.
(D) distributingcopiesoftheplantothevariousfunctionalareasforreview.
713
Inacontractwithahot,warmorcoldsite,contractualprovisionsshouldcoverwhichof
thefollowingconsiderations?
(A) Physicalsecuritymeasures
(B) Totalnumberofsubscribers
(C) Numberofsubscriberspermittedtouseasiteatonetime
(D) Referencesbyotherusers
714
WhichofthefollowingistheGREATESTconcernwhenanorganization'sbackupfacilityis
atawarmsite?
(A) Timelyavailabilityofhardware
(B) Availabilityofheat,humidityandairconditioningequipment
(C) Adequacyofelectricalpowerconnections
(D) Effectivenessofthetelecommunicationsnetwork
715
WhichofthefollowingrecoverystrategiesisMOSTappropriateforabusinesshaving
multipleofficeswithinaregionandalimitedrecoverybudget?
(A) Ahotsitemaintainedbythebusiness
(B) Acommercialcoldsite
(C) Areciprocalarrangementbetweenitsoffices
(D) Athirdpartyhotsite
CISAQuestions
716
ThePRIMARYpurposeofabusinessimpactanalysis(BIA)isto:
(A) provideaplanforresumingoperationsafteradisaster.
(B) identifytheeventsthatcouldimpactthecontinuityofanorganization's
operations.
(C) publicizethecommitmentoftheorganizationtophysicalandlogicalsecurity.
(D) providetheframeworkforaneffectivedisasterrecoveryplan.
717
Afterimplementationofadisasterrecoveryplan,predisasterandpostdisaster
operationalcostsforanorganizationwill:
(A) decrease.
(B) notchange(remainthesame).
(C) increase.
(D) increaseordecreasedependinguponthenatureofthebusiness.
718
WhichofthefollowingistheMOSTreasonableoptionforrecoveringanoncritical
system?
(A) Warmsite
(B) Mobilesite
(C) Hotsite
(D) Coldsite
719
Anorganizationhavinganumberofofficesacrossawidegeographicalareahas
developedadisasterrecoveryplan.Usingactualresources,whichofthefollowingisthe
MOSTcosteffectivetestofthedisasterrecoveryplan?
(A) Fulloperationaltest
(B) Preparednesstest
(C) Papertest
(D) Regressiontest
CISAQuestions
720
Anorganization'sdisasterrecoveryplanshouldaddressearlyrecoveryof:
(A) allinformationsystemsprocesses.
(B) allfinancialprocessingapplications.
(C) onlythoseapplicationsdesignatedbytheISmanager.
(D) processinginpriorityorder,asdefinedbybusinessmanagement.
721
Anadvantageoftheuseofhotsitesasabackupalternativeisthat:
(A) thecostsassociatedwithhotsitesarelow.
(B) hotsitescanbeusedforanextendedamountoftime.
(C) hotsitescanbemadereadyforoperationwithinashortperiodoftime.
(D) theydonotrequirethatequipmentandsystemssoftwarebecompatiblewiththe
primarysite.
722
Whichofthefollowingisapracticethatshouldbeincorporatedintotheplanfortesting
disasterrecoveryprocedures?
(A) Inviteclientparticipation.
(B) Involvealltechnicalstaff.
(C) Rotaterecoverymanagers.
(D) Installlocallystoredbackup.
723
Disasterrecoveryplanning(DRP)addressesthe:
(A) technologicalaspectofbusinesscontinuityplanning.
(B) operationalpieceofbusinesscontinuityplanning.
(C) functionalaspectofbusinesscontinuityplanning.
(D) overallcoordinationofbusinesscontinuityplanning.
CISAQuestions
724
AnISauditorconductingareviewofdisasterrecoveryplanning(DRP)atafinancial
processingorganizationhasdiscoveredthefollowing:
Theexistingdisasterrecoveryplanwascompiledtwoyearsearlierbya
systemsanalystintheorganization'sITdepartmentusingtransactionflow
projectionsfromtheoperationsdepartment.
TheplanwaspresentedtothedeputyCEOforapprovalandformalissue,but
itisstillawaitingtheirattention.
Theplanhasneverbeenupdated,testedorcirculatedtokeymanagement
andstaff,thoughinterviewsshowthateachwouldknowwhatactiontotake
foritsareaintheeventofadisruptiveincident.
TheISauditor'sreportshouldrecommendthat:
(A) thedeputyCEObecensuredfortheirfailuretoapprovetheplan.
(B) aboardofseniormanagersissetuptoreviewtheexistingplan.
(C) theexistingplanisapprovedandcirculatedtoallkeymanagementandstaff.
(D) amanagercoordinatesthecreationofaneworrevisedplanwithinadefinedtime
limit.
10
CISAQuestions
725
AnISauditorconductingareviewofdisasterrecoveryplanning(DRP)atafinancial
processingorganizationhasdiscoveredthefollowing:
Theexistingdisasterrecoveryplanwascompiledtwoyearsearlierbyasystems
analystintheorganization'sITdepartmentusingtransactionflowprojections
fromtheoperationsdepartment.
TheplanwaspresentedtothedeputyCEOforapprovalandformalissue,butitis
stillawaitinghis/herattention.
Theplanhasneverbeenupdated,testedorcirculatedtokeymanagementand
staff,thoughinterviewsshowthateachwouldknowwhatactiontotakeforits
areaintheeventofadisruptiveincident.
Thebasisofanorganization'sdisasterrecoveryplanistoreestablishliveprocessingatan
alternativesitewhereasimilar,butnotidentical,hardwareconfigurationisalready
established.AnISauditorshould:
(A) takenoactionasthelackofacurrentplanistheonlysignificantfinding.
(B) recommendthatthehardwareconfigurationateachsiteisidentical.
(C) performareviewtoverifythatthesecondconfigurationcansupportlive
processing.
(D) reportthatthefinancialexpenditureonthealternativesiteiswastedwithoutan
effectiveplan.
726
Disasterrecoveryplanning(DRP)foracompany'scomputersystemusuallyfocuseson:
(A) operationsturnoverprocedures.
(B) strategiclongrangeplanning.
(C) theprobabilitythatadisasterwilloccur.
(D) alternativeprocedurestoprocesstransactions.
727
TheMAINpurposeforperiodicallytestingoffsitefacilitiesisto:
(A) protecttheintegrityofthedatainthedatabase.
(B) eliminatetheneedtodevelopdetailedcontingencyplans.
(C) ensurethecontinuedcompatibilityofthecontingencyfacilities.
(D) ensurethatprogramandsystemdocumentationremainscurrent.
11
CISAQuestions
728
Alargechainofshopswithelectronicfundstransfer(EFT)atpointofsaledeviceshasa
centralcommunicationsprocessorforconnectingtothebankingnetwork.Whichofthe
followingistheBESTdisasterrecoveryplanforthecommunicationsprocessor?
(A) Offsitestorageofdailybackups
(B) Alternativestandbyprocessoronsite
(C) Installationofduplexcommunicationlinks
(D) Alternativestandbyprocessoratanothernetworknode
729
Facilitatingtelecommunicationscontinuitybyprovidingredundantcombinationsoflocal
carrierT1lines,microwavesand/orcoaxialcablestoaccessthelocalcommunication
loopis:
(A) lastmilecircuitprotection.
(B) longhaulnetworkdiversity.
(C) diverserouting.
(D) alternativerouting.
730
WhichofthefollowingrepresentstheGREATESTriskcreatedbyareciprocalagreement
fordisasterrecoverymadebetweentwocompanies?
(A) Developmentsmayresultinhardwareandsoftwareincompatibility.
(B) Resourcesmaynotbeavailablewhenneeded.
(C) Therecoveryplancannotbetested.
(D) Thesecurityinfrastructuresineachcompanymaybedifferent.
731
WhichofthefollowingwouldBESTensurecontinuityofawideareanetwork(WAN)
acrosstheorganization?
(A) Builtinalternativerouting
(B) Completingfullsystembackupdaily
(C) Arepaircontractwithaserviceprovider
(D) Aduplicatemachinealongsideeachserver
12
CISAQuestions
732
AnISauditorreviewinganorganization'sISdisasterrecoveryplanshouldverifythatitis:
(A) testedeverysixmonths.
(B) regularlyreviewedandupdated.
(C) approvedbythechiefexecutiveofficer(CEO).
(D) communicatedtoeverydepartmentheadintheorganization.
733
Thereareseveralmethodsofprovidingtelecommunicationscontinuity.Themethodof
routingtrafficthroughsplitcableorduplicatecablefacilitiesiscalled:
(A) alternativerouting.
(B) diverserouting.
(C) longhaulnetworkdiversity.
(D) lastmilecircuitprotection.
734
Theresponsibilitiesofadisasterrecoveryrelocationteaminclude:
(A) obtaining,packagingandshippingmediaandrecordstotherecoveryfacilities,as
wellasestablishingandoverseeinganoffsitestorageschedule.
(B) locatingarecoverysite,ifonehasnotbeenpredetermined,andcoordinatingthe
transportofcompanyemployeestotherecoverysite.
(C) managingtherelocationprojectandconductingamoredetailedassessmentof
thedamagetothefacilitiesandequipment.
(D) coordinatingtheprocessofmovingfromthehotsitetoanewlocationortothe
restoredoriginallocation.
735
Whilereviewingthebusinesscontinuityplanofanorganization,anISauditorobserved
thattheorganization'sdataandsoftwarefilesarebackeduponaperiodicbasis.Which
characteristicofaneffectiveplandoesthisdemonstrate?
(A) Deterrence
(B) Mitigation
(C) Recovery
(D) Response
13
CISAQuestions
736
Whichofthefollowingdisasterrecovery/continuityplancomponentsprovidesthe
GREATESTassuranceofrecoveryafteradisaster?
(A) Thealternatefacilitywillbeavailableuntiltheoriginalinformationprocessing
facilityisrestored.
(B) Usermanagementisinvolvedintheidentificationofcriticalsystemsandtheir
associatedcriticalrecoverytimes.
(C) Copiesoftheplanarekeptatthehomesofkeydecisionmakingpersonnel.
(D) Feedbackisprovidedtomanagementassuringthemthatthebusinesscontinuity
plansareindeedworkableandthattheproceduresarecurrent.
737
Whichofthefollowingmustexisttoensuretheviabilityofaduplicateinformation
processingfacility?
(A) Thesiteisneartheprimarysitetoensurequickandefficientrecovery.
(B) Thesitecontainsthemostadvancedhardwareavailable.
(C) Theworkloadoftheprimarysiteismonitoredtoensureadequatebackupis
available.
(D) Thehardwareistestedwhenitisinstalledtoensureitisworkingproperly.
738
Anoffsiteinformationprocessingfacilitywithelectricalwiring,airconditioningand
flooring,butnocomputerorcommunicationsequipment,isa:
(A) coldsite.
(B) warmsite.
(C) dialupsite.
(D) duplicateprocessingfacility.
739
Adisasterrecoveryplanforanorganizationshould:
(A) reducethelengthoftherecoverytimeandthecostofrecovery.
(B) increasethelengthoftherecoverytimeandthecostofrecovery.
(C) reducethedurationoftherecoverytimeandincreasethecostofrecovery.
(D) affectneithertherecoverytimenorthecostofrecovery.
14
CISAQuestions
740
Adisasterrecoveryplanforanorganization'sfinancialsystemspecifiesthattherecovery
pointobjective(RPO)isnodatalossandtherecoverytimeobjective(RTO)is72hours.
WhichofthefollowingistheMOSTcosteffectivesolution?
(A) Ahotsitethatcanbeoperationalineighthourswithasynchronousbackupofthe
transactionlogs
(B) Distributeddatabasesystemsinmultiplelocationsupdatedasynchronously
(C) Synchronousupdatesofthedataandstandbyactivesystemsinahotsite
(D) Synchronousremotecopyofthedatainawarmsitethatcanbeoperationalin48
hours
741
Afinancialinstitutionthatprocessesmillionsoftransactionseachdayhasacentral
communicationsprocessor(switch)forconnectingtoautomatedtellermachines(ATMs).
WhichofthefollowingwouldbetheBESTcontingencyplanforthecommunications
processor?
(A) Reciprocalagreementwithanotherorganization
(B) Alternateprocessorinthesamelocation
(C) Alternateprocessoratanothernetworknode
(D) Installationofduplexcommunicationlinks
742
Thecostofongoingoperationswhenadisasterrecoveryplanisinplace,comparedtonot
havingadisasterrecoveryplan,willMOSTlikely:
(A) increase.
(B) decrease.
(C) remainthesame.
(D) beunpredictable.
743
WhichofthefollowingtasksshouldbeperformedFIRSTwhenpreparingadisaster
recoveryplan?
(A) Developarecoverystrategy.
(B) Performabusinessimpactanalysis.
(C) Mapsoftwaresystems,hardwareandnetworkcomponents.
(D) Appointrecoveryteamswithdefinedpersonnel,rolesandhierarchy.
15
CISAQuestions
744
WhichofthefollowingprovidestheBESTevidenceofanorganization'sdisasterrecovery
readiness?
(A) Adisasterrecoveryplan
(B) Customerreferencesforthealternatesiteprovider
(C) Processesformaintainingthedisasterrecoveryplan
(D) Resultsoftestsanddrills
745
WhichofthefollowingistheBESTmethodfordeterminingthecriticalityofeach
applicationsystemintheproductionenvironment?
(A) Interviewtheapplicationprogrammers.
(B) Performagapanalysis.
(C) Reviewthemostrecentapplicationaudits.
(D) Performabusinessimpactanalysis.
746
Ahotsiteshouldbeimplementedasarecoverystrategywhenthe:
(A) disastertoleranceislow.
(B) recoverypointobjective(RPO)ishigh.
(C) recoverytimeobjective(RTO)ishigh.
(D) disastertoleranceishigh.
747
Anorganizationhasimplementedadisasterrecoveryplan.Whichofthefollowingsteps
shouldbecarriedoutnext?
(A) Obtainseniormanagementsponsorship.
(B) Identifybusinessneeds.
(C) Conductapapertest.
(D) Performasystemrestoretest.
16
CISAQuestions
748
Whenauditingadisasterrecoveryplanforacriticalbusinessarea,anISauditorfindsthat
itdoesnotcoverallthesystems.WhichofthefollowingistheMOSTappropriateaction
fortheISauditor?
(A) Alertmanagementandevaluatetheimpactofnotcoveringallsystems.
(B) Canceltheaudit.
(C) Completetheauditofthesystemscoveredbytheexistingdisasterrecoveryplan.
(D) Postponetheaudituntilthesystemsareaddedtothedisasterrecoveryplan.
749
WhichofthefollowingshouldbeofMOSTconcerntoanISauditorreviewingtheBCP?
(A) Thedisasterlevelsarebasedonscopesofdamagedfunctions,butnoton
duration.
(B) Thedifferencebetweenlowleveldisasterandsoftwareincidentsisnotclear.
(C) TheoverallBCPisdocumented,butdetailedrecoverystepsarenotspecified.
(D) Theresponsibilityfordeclaringadisasterisnotidentified.
750
Ofthefollowingalternatives,theFIRSTapproachtodevelopingadisasterrecovery
strategywouldbetoassesswhether:
(A) allthreatscanbecompletelyremoved.
(B) acosteffective,builtinresiliencecanbeimplemented.
(C) therecoverytimeobjectivecanbeoptimized.
(D) thecostofrecoverycanbeminimized.
751
Anorganizationhasanumberofbranchesacrossawidegeographicalarea.Toensure
thatallaspectsofthedisasterrecoveryplanareevaluatedinacosteffectivemanner,an
ISauditorshouldrecommendtheuseofa:
(A) datarecoverytest.
(B) fulloperationaltest.
(C) posttest.
(D) preparednesstest.
17
CISAQuestions
752
Iftherecoverytimeobjective(RTO)increases:
(A) thedisastertoleranceincreases.
(B) thecostofrecoveryincreases.
(C) acoldsitecannotbeused.
(D) thedatabackupfrequencyincreases.
753
DuetochangesinIT,thedisasterrecoveryplanofalargeorganizationhasbeenchanged.
WhatisthePRIMARYriskifthenewplanisnottested?
(A) Catastrophicserviceinterruption
(B) Highconsumptionofresources
(C) Totalcostoftherecoverymaynotbeminimized
(D) Usersandrecoveryteamsmayfaceseveredifficultieswhenactivatingtheplan
754
Whendevelopingadisasterrecoveryplan,thecriteriafordeterminingtheacceptable
downtimeshouldbethe:
(A) annualizedlossexpectancy(ALE).
(B) servicedeliveryobjective.
(C) quantityoforphandata.
(D) maximumtolerableoutage.
755
Alowerrecoverytimeobjective(RTO)resultsin:
(A) higherdisastertolerance.
(B) highercost.
(C) widerinterruptionwindows.
(D) morepermissivedataloss.
18
CISAQuestions
756
Regardingadisasterrecoveryplan,theroleofanISauditorshouldinclude:
(A) identifyingcriticalapplications.
(B) determiningtheexternalserviceprovidersinvolvedinarecoverytest.
(C) observingthetestsofthedisasterrecoveryplan.
(D) determiningthecriteriaforestablishingarecoverytimeobjective(RTO).
757
NEW2009
Duringadisasterrecoverytest,anISauditorobservesthattheperformanceofthe
disasterrecoverysite'sserverisslow.Tofindtherootcauseofthis,theISauditorshould
FIRSTreviewthe:
(A) eventerrorloggeneratedatthedisasterrecoverysite.
(B) disasterrecoverytestplan.
(C) disasterrecoveryplan(DRP).
(D) configurationsandalignmentoftheprimaryanddisasterrecoverysites.
758
NEW2009
Anorganizationhasarecoverytimeobjective(RTO)equaltozeroandarecoverypoint
objective(RPO)closeto1minuteforacriticalsystem.Thisimpliesthatthesystemcan
tolerate:
(A) adatalossofupto1minute,buttheprocessingmustbecontinuous.
(B) a1minuteprocessinginterruptionbutcannottolerateanydataloss.
(C) aprocessinginterruptionof1minuteormore.
(D) bothadatalossandaprocessinginterruptionlongerthan1minute.
759
NEW2009
WhichofthefollowingissuesshouldbetheGREATESTconcerntotheISauditorwhen
reviewinganITdisasterrecoverytest?
(A) Duetothelimitedtesttimewindow,onlythemostessentialsystemsweretested.
Theothersystemsweretestedseparatelyduringtherestoftheyear.
(B) Duringthetestitwasnoticedthatsomeofthebackupsystemsweredefectiveor
notworking,causingthetestofthesesystemstofail.
(C) Theprocedurestoshutdownandsecuretheoriginalproductionsitebefore
startingthebackupsiterequiredfarmoretimethanplanned.
(D) Everyyear,thesameemployeesperformthetest.Therecoveryplandocuments
arenotusedsinceeverystepiswellknownbyallparticipants.
19
CISAQuestions
760
NEW2009
Thefrequentupdatingofwhichofthefollowingiskeytothecontinuedeffectivenessofa
disasterrecoveryplan(DRP)?
(A) Contactinformationofkeypersonnel
(B) Serverinventorydocumentation
(C) Individualrolesandresponsibilities
(D) Proceduresfordeclaringadisaster
761
NEW2009
AlivetestofamutualagreementforITsystemrecoveryhasbeencarriedout,includinga
fourhourtestofintensiveusagebythebusinessunits.Thetesthasbeensuccessful,but
givesonlypartialassurancethatthe:
(A) systemandtheIToperationsteamcansustainoperationsintheemergency
environment.
(B) resourcesandtheenvironmentcouldsustainthetransactionload.
(C) connectivitytotheapplicationsattheremotesitemeetsresponsetime
requirements.
(D) workflowofactualbusinessoperationscanusetheemergencysystemincaseofa
disaster.
762
NEW2009
Toaddressanorganization'sdisasterrecoveryrequirements,backupintervalsshouldnot
exceedthe:
(A) servicelevelobjective(SLO).
(B) recoverytimeobjective(RTO).
(C) recoverypointobjective(RPO).
(D) maximumacceptableoutage(MAO).
763
WhichofthefollowingwouldhavetheHIGHESTpriorityinabusinesscontinuityplan
(BCP)?
(A) Resumingcriticalprocesses
(B) Recoveringsensitiveprocesses
(C) Restoringthesite
(D) Relocatingoperationstoanalternativesite
20
CISAQuestions
764
Aftercompletingthebusinessimpactanalysis(BIA),whatisthenextstepinthebusiness
continuityplanningprocess?
(A) Testandmaintaintheplan.
(B) Developaspecificplan.
(C) Developrecoverystrategies.
(D) Implementtheplan.
765
Whichofthefollowingisanappropriatetestmethodtoapplytoabusinesscontinuity
plan(BCP)?
(A) Pilot
(B) Paper
(C) Unit
(D) System
766
AnISauditorhasauditedabusinesscontinuityplan(BCP).Whichofthefollowingfindings
istheMOSTcritical?
(A) Nonavailabilityofanalternateprivatebranchexchange(PBX)system
(B) Absenceofabackupforthenetworkbackbone
(C) Lackofbackupsystemsfortheusers'PCs
(D) Failureoftheaccesscardsystem
767
Aspartofthebusinesscontinuityplanningprocess,whichofthefollowingshouldbe
identifiedFIRSTinthebusinessimpactanalysis?
(A) Organizationalrisks,suchassinglepointoffailureandinfrastructurerisk
(B) Threatstocriticalbusinessprocesses
(C) Criticalbusinessprocessesforascertainingthepriorityforrecovery
(D) Resourcesrequiredforresumptionofbusiness
21
CISAQuestions
768
WhichofthefollowingactivitiesshouldthebusinesscontinuitymanagerperformFIRST
afterthereplacementofhardwareattheprimaryinformationprocessingfacility?
(A) Verifycompatibilitywiththehotsite.
(B) Reviewtheimplementationreport.
(C) Performawalkthroughofthedisasterrecoveryplan.
(D) UpdatetheISassetsinventory.
769
WhichofthefollowingwouldcontributeMOSTtoaneffectivebusinesscontinuityplan
(BCP)?
(A) Documentiscirculatedtoallinterestedparties
(B) Planninginvolvesalluserdepartments
(C) Approvalbyseniormanagement
(D) AuditbyanexternalISauditor
770
Todevelopasuccessfulbusinesscontinuityplan,enduserinvolvementiscriticalduring
whichofthefollowingphases?
(A) Businessrecoverystrategy
(B) Detailedplandevelopment
(C) Businessimpactanalysis(BIA)
(D) Testingandmaintenance
771
WhichofthefollowingwouldanISauditorconsidertobetheMOSTimportanttoreview
whenconductingabusinesscontinuityaudit?
(A) Ahotsiteiscontractedforandavailableasneeded.
(B) Abusinesscontinuitymanualisavailableandcurrent.
(C) Insurancecoverageisadequateandpremiumsarecurrent.
(D) Mediabackupsareperformedonatimelybasisandstoredoffsite.
22
CISAQuestions
772
ThePRIMARYobjectiveofbusinesscontinuityanddisasterrecoveryplansshouldbeto:
(A) safeguardcriticalISassets.
(B) provideforcontinuityofoperations.
(C) minimizethelosstoanorganization.
(D) protecthumanlife.
773
Afterafulloperationalcontingencytest,anISauditorperformsareviewoftherecovery
steps.Theauditorconcludesthatthetimeittookforthetechnologicalenvironmentand
systemstoreturntofullfunctioningexceededtherequiredcriticalrecoverytime.Which
ofthefollowingshouldtheauditorrecommend?
(A) Performanintegralreviewoftherecoverytasks.
(B) Broadentheprocessingcapacitytogainrecoverytime.
(C) Makeimprovementsinthefacility'scirculationstructure.
(D) Increasetheamountofhumanresourcesinvolvedintherecovery.
774
Whichofthefollowingisacontinuityplantestthatusesactualresourcestosimulatea
systemcrashtocosteffectivelyobtainevidenceabouttheplan'seffectiveness?
(A) Papertest
(B) Posttest
(C) Preparednesstest
(D) Walkthrough
775
Whiledesigningthebusinesscontinuityplan(BCP)foranairlinereservationsystem,the
MOSTappropriatemethodofdatatransfer/backupatanoffsitelocationwouldbe:
(A) shadowfileprocessing.
(B) electronicvaulting.
(C) harddiskmirroring.
(D) hotsiteprovisioning.
23
CISAQuestions
776
Dependingonthecomplexityofanorganization'sbusinesscontinuityplan(BCP),theplan
maybedevelopedasasetofmorethanoneplantoaddressvariousaspectsofbusiness
continuityanddisasterrecovery.Insuchanenvironment,itisessentialthat:
(A) eachplanisconsistentwithoneanother.
(B) allplansareintegratedintoasingleplan.
(C) eachplanisdependentononeanother.
(D) thesequenceforimplementationofallplansisdefined.
777
DuringabusinesscontinuityauditanISauditorfoundthatthebusinesscontinuityplan
(BCP)coveredonlycriticalprocesses.TheISauditorshould:
(A) recommendthattheBCPcoverallbusinessprocesses.
(B) assesstheimpactoftheprocessesnotcovered.
(C) reportthefindingstotheITmanager.
(D) redefinecriticalprocesses.
778
AnISauditornotedthatanorganizationhadadequatebusinesscontinuityplans(BCPs)
foreachindividualprocess,butnocomprehensiveBCP.WhichwouldbetheBESTcourse
ofactionfortheISauditor?
(A) RecommendthatanadditionalcomprehensiveBCPbedeveloped.
(B) DeterminewhethertheBCPsareconsistent.
(C) AccepttheBCPsaswritten.
(D) RecommendthecreationofasingleBCP.
779
Whendevelopingabusinesscontinuityplan(BCP),whichofthefollowingtoolsshouldbe
usedtogainanunderstandingoftheorganization'sbusinessprocesses?
(A) Businesscontinuityselfaudit
(B) Resourcerecoveryanalysis
(C) Riskassessment
(D) Gapanalysis
24
CISAQuestions
780
Duringanauditofabusinesscontinuityplan(BCP),anISauditorfoundthat,althoughall
departmentswerehousedinthesamebuilding,eachdepartmenthadaseparateBCP.
TheISauditorrecommendedthattheBCPsbereconciled.Whichofthefollowingareas
shouldbereconciledFIRST?
(A) Evacuationplan
(B) Recoverypriorities
(C) Backupstorages
(D) Calltree
781
Managementconsideredtwoprojectionsforitsbusinesscontinuityplan;planAwithtwo
monthstorecoverandplanBwitheightmonthstorecover.Therecoveryobjectivesare
thesameinbothplans.ItisreasonabletoexpectthatplanBprojectedhigher:
(A) downtimecosts.
(B) resumptioncosts.
(C) recoverycosts.
(D) walkthroughcosts.
782
Theoptimumbusinesscontinuitystrategyforanentityisdeterminedbythe:
(A) lowestdowntimecostandhighestrecoverycost.
(B) lowestsumofdowntimecostandrecoverycost.
(C) lowestrecoverycostandhighestdowntimecost.
(D) averageofthecombineddowntimeandrecoverycost.
783
ThePRIMARYobjectiveoftestingabusinesscontinuityplanisto:
(A) familiarizeemployeeswiththebusinesscontinuityplan.
(B) ensurethatallresidualrisksareaddressed.
(C) exerciseallpossibledisasterscenarios.
(D) identifylimitationsofthebusinesscontinuityplan.
25
CISAQuestions
784
Indeterminingtheacceptabletimeperiodfortheresumptionofcriticalbusiness
processes:
(A) onlydowntimecostsneedtobeconsidered.
(B) recoveryoperationsshouldbeanalyzed.
(C) bothdowntimecostsandrecoverycostsneedtobeevaluated.
(D) indirectdowntimecostsshouldbeignored.
785
Intheeventofadisruptionordisaster,whichofthefollowingtechnologiesprovidesfor
continuousoperations?
(A) Loadbalancing
(B) Faulttoleranthardware
(C) Distributedbackups
(D) Highavailabilitycomputing
786
WhichofthefollowingwouldbeMOSTimportantforanISauditortoverifywhen
conductingabusinesscontinuityaudit?
(A) Databackupsareperformedonatimelybasis
(B) Arecoverysiteiscontractedforandavailableasneeded
(C) Humansafetyproceduresareinplace
(D) Insurancecoverageisadequateandpremiumsarecurrent
787
Whichofthefollowinginsurancetypesprovideforalossarisingfromfraudulentactsby
employees?
(A) Businessinterruption
(B) Fidelitycoverage
(C) Errorsandomissions
(D) Extraexpense
26
CISAQuestions
788
TheBESTmethodforassessingtheeffectivenessofabusinesscontinuityplanistoreview
the:
(A) plansandcomparethemtoappropriatestandards.
(B) resultsfromprevioustests.
(C) emergencyproceduresandemployeetraining.
(D) offsitestorageandenvironmentalcontrols.
789
Withrespecttobusinesscontinuitystrategies,anISauditorinterviewskeystakeholders
inanorganizationtodeterminewhethertheyunderstandtheirrolesandresponsibilities.
TheISauditorisattemptingtoevaluatethe:
(A) clarityandsimplicityofthebusinesscontinuityplans.
(B) adequacyofthebusinesscontinuityplans.
(C) effectivenessofthebusinesscontinuityplans.
(D) abilityofISandenduserpersonneltorespondeffectivelyinemergencies.
790
Duringthedesignofabusinesscontinuityplan,thebusinessimpactanalysis(BIA)
identifiescriticalprocessesandsupportingapplications.ThiswillPRIMARILYinfluence
the:
(A) responsibilityformaintainingthebusinesscontinuityplan.
(B) criteriaforselectingarecoverysiteprovider.
(C) recoverystrategy.
(D) responsibilitiesofkeypersonnel.
791
Duringareviewofabusinesscontinuityplan,anISauditornoticedthatthepointat
whichasituationisdeclaredtobeacrisishasnotbeendefined.TheMAJORrisk
associatedwiththisisthat:
(A) assessmentofthesituationmaybedelayed.
(B) executionofthedisasterrecoveryplancouldbeimpacted.
(C) notificationoftheteamsmightnotoccur.
(D) potentialcrisisrecognitionmightbeineffective.
27
CISAQuestions
792
Anorganizationhasjustcompletedtheirannualriskassessment.Regardingthebusiness
continuityplan,whatshouldanISauditorrecommendasthenextstepforthe
organization?
(A) Reviewandevaluatethebusinesscontinuityplanforadequacy
(B) Performafullsimulationofthebusinesscontinuityplan
(C) Trainandeducateemployeesregardingthebusinesscontinuityplan
(D) Notifycriticalcontactsinthebusinesscontinuityplan
793
Integratingbusinesscontinuityplanning(BCP)intoanITprojectaidsin:
(A) theretrofittingofthebusinesscontinuityrequirements.
(B) thedevelopmentofamorecomprehensivesetofrequirements.
(C) thedevelopmentofatransactionflowchart.
(D) ensuringtheapplicationmeetstheuser'sneeds.
794
Whileobservingafullsimulationofthebusinesscontinuityplan,anISauditornotices
thatthenotificationsystemswithintheorganizationalfacilitiescouldbeseverely
impactedbyinfrastructuraldamage.TheBESTrecommendationtheISauditorcan
providetotheorganizationistoensure:
(A) thesalvageteamistrainedtousethenotificationsystem.
(B) thenotificationsystemprovidesfortherecoveryofthebackup.
(C) redundanciesarebuiltintothenotificationsystem.
(D) thenotificationsystemsarestoredinavault.
795
Theactivationofanenterprise'sbusinesscontinuityplanshouldbebasedon
predeterminedcriteriathataddressthe:
(A) durationoftheoutage.
(B) typeofoutage.
(C) probabilityoftheoutage.
(D) causeoftheoutage.
28
CISAQuestions
796
NEW2009
Anorganizationhasoutsourceditswideareanetwork(WAN)toathirdpartyservice
provider.Underthesecircumstances,whichofthefollowingisthePRIMARYtasktheIS
auditorshouldperformduringanauditofbusinesscontinuity(BCP)anddisasterrecovery
planning(DRP)?
(A) Reviewwhethertheserviceprovider'sBCPprocessisalignedwiththe
organization'sBCPandcontractualobligations.
(B) Reviewwhethertheservicelevelagreement(SLA)containsapenaltyclausein
caseoffailuretomeetthelevelofserviceincaseofadisaster.
(C) Reviewthemethodologyadoptedbytheorganizationinchoosingtheservice
provider.
(D) Reviewtheaccreditationofthethirdpartyserviceprovider'sstaff.
797
NEW2009
AnISauditorcanverifythatanorganization'sbusinesscontinuityplan(BCP)iseffective
byreviewingthe:
(A) alignmentoftheBCPwithindustrybestpractices.
(B) resultsofbusinesscontinuitytestsperformedbyISandenduserpersonnel.
(C) offsitefacility,itscontents,securityandenvironmentalcontrols.
(D) annualfinancialcostoftheBCPactivitiesversustheexpectedbenefitof
implementationoftheplan.
798
NEW2009
Tooptimizeanorganization'sbusinesscontingencyplan(BCP),anISauditorshould
recommendconductingabusinessimpactanalysis(BIA)inordertodetermine:
(A) thebusinessprocessesthatgeneratethemostfinancialvaluefortheorganization
andthereforemustberecoveredfirst.
(B) theprioritiesandorderforrecoverytoensurealignmentwiththeorganization's
businessstrategy.
(C) thebusinessprocessesthatmustberecoveredfollowingadisastertoensurethe
organization'ssurvival.
(D) theprioritiesandorderofrecoverywhichwillrecoverthegreatestnumberof
systemsintheshortesttimeframe.
29
CISAQuestions
799
NEW2009
Afinancialservicesorganizationisdevelopinganddocumentingbusinesscontinuity
measures.InwhichofthefollowingcaseswouldanISauditorMOSTlikelyraiseanissue?
(A) Theorganizationusesgoodpracticeguidelinesinsteadofindustrystandardsand
reliesonexternaladvisorstoensuretheadequacyofthemethodology.
(B) Thebusinesscontinuitycapabilitiesareplannedaroundacarefullyselectedsetof
scenarioswhichdescribeeventsthatmighthappenwithareasonableprobability.
(C) Therecoverytimeobjectives(RTOs)donottakeITdisasterrecoveryconstraints
intoaccount,suchaspersonnelorsystemdependenciesduringtherecovery
phase.
(D) Theorganizationplanstorentasharedalternatesitewithemergencyworkplaces
whichhasonlyenoughroomforhalfofthenormalstaff.
800
NEW2009
Amediumsizedorganization,whoseITdisasterrecoverymeasureshavebeeninplace
andregularlytestedforyears,hasjustdevelopedaformalbusinesscontinuityplan(BCP).
AbasicBCPtabletopexercisehasbeenperformedsuccessfully.Whichtestingshouldan
ISauditorrecommendbeperformedNEXTtoverifytheadequacyofthenewBCP?
(A) Fullscaletestwithrelocationofalldepartments,includingIT,tothecontingency
site
(B) Walkthroughtestofaseriesofpredefinedscenarioswithallcriticalpersonnel
involved
(C) ITdisasterrecoverytestwithbusinessdepartmentsinvolvedintestingthecritical
applications
(D) FunctionaltestofascenariowithlimitedITinvolvement
30

CISA Questions Business Continuity and Disaster Recovery

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CISA Questions Business Continuity and Disaster Recovery

Uploaded by

Copyright:

Available Formats

CISAQuestions

You might also like