CISA Exam-Test 29

1. Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?
- Acceptable time for recovery
- Minimum operating requirements
- Acceptable data loss
- Mean time between failures
Recovery point objectives (RPOs) express the amount of data loss or reworking an organization is willing to accept.

2. During which phase of the incident management life cycle should metrics such as "mean time to incident discovery" and "cost of recovery" be reported?
- Containment, analysis, tracking, and recovery
- Planning and preparation
- Post-incident assessment
- Detection, triage, and investigation

3. If a database is restored using before-image dumps, where should the process begin following an interruption?
- Before the last transaction
- As the last transaction before the latest checkpoint
- As the first transaction after the latest checkpoint
- After the last transaction
If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken. Restoration therefore has to begin before the last transaction so that its work is reapplied.

4. While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be:
- shadow file processing.
- electronic vaulting.
- hot-site provisioning.
- hard-disk mirroring.
In shadow file processing, exact duplicates of the files are maintained at the same site or at a remote site, and the two copies are processed concurrently. This is used for critical data files such as airline booking systems.

5. Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly?
- Backup time would steadily increase.
- Backup operational costs would significantly increase.
- Storage operational costs would significantly increase.
- Server recovery work may not meet the recovery time objective (RTO).
In case of a crash, recovering a server with an extensive amount of data could require a significant amount of time. If the restore cannot complete within the RTO, the recovery capability no longer matches what the business impact analysis assumed. It is important to ensure that server restoration can meet the RTO.

6. An IS auditor finds that, in accordance with IS policy, IDs of terminated users are deactivated within 90 days of termination. The IS auditor should:
- recommend changes to the IS policy to ensure deactivation of user IDs upon termination.
- verify that user access rights have been granted on a need-to-have basis.
- recommend that activity logs of terminated users be reviewed on a regular basis.
- report that the control is operating effectively since deactivation happens as per the IS policy.

7. An organization plans to launch a social media presence as part of a new customer service campaign. Which of the following is the MOST significant risk from the perspective of potential litigation?
- Approved employees can use personal devices to post on the company's behalf.
- The policy stating what employees can post on the organization's behalf is unclear.
- Access to corporate-sponsored social media accounts requires only single-factor authentication.
- There is a lack of clear procedures for responding to customers on social media outlets.

8. In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
- The recovery point objective (RPO) is low.
- The RPO is high.
- Disaster tolerance is high.
- The recovery time objective (RTO) is high.
The recovery point objective (RPO) is the point in time to which data must be recoverable, that is, the maximum acceptable data loss. It determines how often the data must be copied. If the RPO is low, the organization does not want to lose much data and must use a process such as data mirroring to prevent data loss.

9. A disaster recovery plan (DRP) for an organization's financial system specifies that the recovery point objective (RPO) is zero and the recovery time objective (RTO) is 72 hours. Which of the following is the MOST cost-effective solution?
- Synchronous updates of the data and standby active systems in a hot site
- A hot site that can be operational in eight hours with asynchronous backup of the transaction logs
- Distributed database systems in multiple locations updated asynchronously
- Synchronous remote copy of the data in a warm site that can be operational in 48 hours
A synchronous copy of the data storage achieves an RPO of zero, and a warm site operational in 48 hours meets the 72-hour RTO without paying for a hot site.

10. What is the BEST backup strategy for a large database with data supporting online sales?
- Daily full backup
- Clustered servers
- Mirrored hard disks
- Weekly full backup with daily incremental backup
Mirrored hard disks write every block to a second disk so that failure of one disk does not lose data, but mirroring is not a backup: a corrupted or deleted record is mirrored as well, and it gives no point in time to roll back to. A large online database still needs a backup schedule that can be restored from.

11. Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
- Consider user satisfaction in the key performance indicators (KPIs)
- Define a balanced scorecard (BSC) for measuring performance
- Modify the yearly process of defining the project portfolio
- Select projects according to business benefits and risks

12. During an application audit, the IS auditor finds several problems related to corrupt data in the database. Which of the following is a corrective control that the IS auditor should recommend?
- Proceed with restore procedures.
- Establish controls to handle concurrent access problems.
- Define the standards, and closely monitor them for compliance.
- Ensure that only authorized personnel can update the database.
Proceeding with restore procedures is a corrective control. Restore procedures can be used to recover databases to their last-known archived version.

13. Which of the following is the MOST important function to be performed by IS management when a service has been outsourced?
- Renegotiating the provider's fees
- Monitoring the outsourcing provider's performance
- Ensuring that invoices are paid to the provider
- Participating in systems design with the provider

14. The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to:
- ensure the confidentiality of data.
- ensure availability of data.
- achieve performance improvement.
- provide user authentication.
RAID level 1 provides disk mirroring. Data written to one disk are also written to another disk. Users on the network access data on the first disk; if disk one fails, the second disk takes over. This redundancy ensures the availability of data.

15. Which of the following BEST describes the relationship between vulnerability scanning and penetration testing?
- Both are labor-intensive in preparation, planning and execution.
- For entities with regulatory drivers, the two tests must be the same.
- The scope of both is determined primarily by the likelihood of exploitation.
- Both utilize a risk-based analysis that considers threat scenarios.

16. Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?
- Developers are able to approve their own releases.
- Testing documentation is not attached to production releases.
- Release documentation is not updated to reflect successful deployment.
- Test libraries have not been reviewed in over six months.

17. An IS auditor notes during an audit that an organization's business continuity plan (BCP) does not adequately address information confidentiality during the recovery process. The IS auditor should recommend that the plan be modified to include:
- information security roles and responsibilities in the crisis management structure.
- the level of information security required when business recovery procedures are invoked.
- change management procedures for information security that could affect business continuity arrangements.
- information security resource requirements.
The business should consider whether the information security levels required during recovery should be the same as, lower than or higher than when the business is operating normally. In particular, any special rules for access to confidential data during a crisis need to be identified.

18. A large chain of shops with electronic funds transfer (EFT) at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?
- Alternative standby processor at another network node
- Offsite storage of daily backups
- Installation of duplex communication links
- Alternative standby processor onsite
Having an alternative standby processor at another network node would be the best solution. The unavailability of the central communications processor would disrupt all access to the banking network, resulting in the disruption of operations for all of the shops. This could be caused by failure of equipment, power or communications, and an onsite standby shares those failure modes.

19. Which of the following ensures the availability of transactions in the event of a disaster?
- Send tapes daily containing transactions offsite.
- Send tapes hourly containing transactions offsite.
- Capture transactions to multiple storage devices.
- Transmit transactions offsite in real time.
The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility; any periodic shipment leaves the transactions since the last shipment exposed.

20. Which of the following would BEST support 24/7 availability?
- Periodic testing
- Daily backup
- Mirroring
- Offsite storage
Mirroring of critical elements is a tool that facilitates immediate (failover) recoverability.

21. In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
- Ensuring grandfather-father-son file backups
- Maintaining important data at an offsite location
- Ensuring periodic dumps of transaction logs
- Maintaining system software parameters
Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historic data. Because online systems do not have a paper trail that can be used to recreate data, maintaining transaction logs is critically important to prevent data loss. The volume of activity usually associated with an online system may make other, more traditional methods of backup impractical.

22. Which of the following is the BEST way for an IS auditor to ensure the completeness of data collected for advanced analytics during an audit?
- Review the query or parameters used to download the data before selecting samples.
- Obtain access to the quality assurance (QA) system to independently download the information.
- Request the data owner to verify and approve the information.
- Perform additional quality control steps after selecting the samples.

23. Which of the following would an IS auditor consider to be the MOST important to review when conducting a disaster recovery audit?
- A business continuity manual is available and current.
- Media backups are performed on a timely basis and stored offsite.
- Insurance coverage is adequate and premiums are current.
- A hot site is contracted for and available as needed.
Without data to process, all other components of the recovery effort are in vain. Even in the absence of a plan, recovery efforts of any type would not be practical without data to process.

24. An IS auditor observed that multiple applications are hosted on the same server. The recovery time objective (RTO) for the server will be:
- based on the mean of each application's RTO.
- based on the application with the shortest RTO.
- independent of the RTO and based on the criticality of the application.
- based on the application with the longest RTO.
When several applications are hosted on a server, the server's RTO must be determined by taking the RTO of the most critical application, which is the shortest RTO.

25. An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the:
- ownership of intellectual property.
- application development methodology.
- hardware configuration.
- access control software.

26. An IS auditor is performing a review of the disaster recovery hot site used by a financial institution. Which of the following would be the GREATEST concern?
- Physical security controls at the hot site are less robust than at the main site.
- System administrators use shared accounts which never expire at the hot site.
- Disk space utilization data are not kept current.
- Servers at the hot site do not have the same specifications as at the main site.
Not knowing how much disk space is in use and, therefore, how much is needed at the disaster recovery site could create major issues in the case of a disaster. Shared, non-expiring administrator accounts are a control weakness that should also be reported, but they do not prevent the site from recovering the business; insufficient disk space does.

27. An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:
- duplicate processing facility.
- dial-up site.
- warm site.
- cold site.
A cold site is ready to receive equipment but does not offer any components at the site in advance of the need.

28. Which of the following is the BEST indicator of the effectiveness of backup and restore procedures while restoring data after a disaster?
- Members of the recovery team were available.
- Inventory of backup tapes was properly maintained.
- Recovery time objectives (RTOs) were met.
- Backup tapes were completely restored at an alternate site.
The effectiveness of backup and restore procedures is best evidenced by recovery time objectives (RTOs) being met, because these are the requirements defined during the business impact analysis with the input and involvement of all business process owners.

29. Which of the following is the PRIMARY reason for an IS auditor to use computer-assisted audit techniques (CAATs)?
- To enable quicker access to information
- To conduct automated sampling for testing
- To efficiently test an entire population
- To perform direct testing of production data
CAATs let the auditor test an entire population instead of a sample, which also aids significantly in the effective and efficient detection of irregularities or illegal acts.

30. Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)?
- Virtual tape libraries
- Disk-based snapshots
- Disk-to-tape backup
- Continuous data backup
Recovery point objective (RPO) is based on the acceptable data loss in the case of a disruption. In this scenario the organization needs a very short RPO, and continuous data backup is the best option.
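Questions 3 and 21 both turn on how a database is brought back from a checkpoint plus a log: transaction-log dumps let a restored checkpoint be rolled forward with after-images, and before-images let the partial work of a transaction that was in flight at the interruption be rolled back, which is why restoration with before-image dumps begins before the last transaction. The script below is an added example, not code from the quiz or from ISACA; the log record layout, the checkpoint snapshot, the crashed disk image and the account values are all constructed for the illustration.

```python
"""Checkpoint-plus-log recovery, as a worked illustration of questions 3 and 21.

Added example, not code from the quiz or from ISACA. The log record layout,
the checkpoint snapshot, the crashed disk image and the account values are
constructed for the illustration (assumption). The two mechanisms are the
standard ones: roll-forward replays after-images of committed transactions
over a restored checkpoint; roll-back applies before-images of uncommitted
transactions in reverse order.
"""

# Constructed data: a consistent checkpoint of two accounts (sum is 150)
CHECKPOINT = {"acct:A": 100, "acct:B": 50}

# Constructed log written after the checkpoint. Each update record carries
# the before-image and the after-image of the value it changed:
#   (transaction id, operation, key, before-image, after-image)
LOG = [
    ("T1", "update", "acct:A", 100, 80),   # T1 moves 20 from A to B
    ("T1", "update", "acct:B", 50, 70),
    ("T1", "commit", None, None, None),
    ("T2", "update", "acct:A", 80, 30),    # T2 moves 50 from A to B ...
    ("T2", "update", "acct:B", 70, 120),   # ... but the interruption hits
]                                          # before T2 commits

# Constructed image of the data files at the moment of the interruption:
# T2's first write reached disk, its second did not. Sum is 100, not 150.
CRASHED_DISK = {"acct:A": 30, "acct:B": 70}


def committed_transactions(log):
    """Transaction ids that have a commit record in the log."""
    return {tx for tx, op, *_ in log if op == "commit"}


def roll_forward(checkpoint, log):
    """Question 21: restore the checkpoint, then replay the after-images of
    committed transactions from the dumped transaction log."""
    db = dict(checkpoint)
    committed = committed_transactions(log)
    for tx, op, key, _before, after in log:
        if op == "update" and tx in committed:
            db[key] = after
    return db


def roll_back(disk_image, log):
    """Question 3: apply before-images of uncommitted transactions in reverse
    log order. Returns the consistent state and the transactions whose work
    was undone; processing resumes with those, i.e. before the last
    transaction rather than after it."""
    db = dict(disk_image)
    committed = committed_transactions(log)
    undone = []
    for tx, op, key, before, _after in reversed(log):
        if op == "update" and tx not in committed:
            db[key] = before
            if tx not in undone:
                undone.append(tx)
    return db, undone


def balance_total(db):
    """Consistency check for the constructed data: transfers keep the sum."""
    return sum(db.values())


if __name__ == "__main__":
    print("crashed image total:", balance_total(CRASHED_DISK))  # 100
    print("roll-forward:", roll_forward(CHECKPOINT, LOG))       # A=80, B=70
    state, rerun = roll_back(CRASHED_DISK, LOG)
    print("roll-back:", state, "re-run:", rerun)                # same state, ['T2']
```

Both paths land on the same consistent state (the one after T1 committed), which is the point the page's explanation for question 3 describes: T2's update is not in the restored database, so processing restarts with T2, before the last transaction. The crashed image by itself is not usable at all; it has lost 50 units, which is what a restore without either log would hand back to the business.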
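Question 6 (terminated users deactivated within 90 days) and question 29 (CAATs used to test an entire population) describe the same kind of audit work: join the HR termination extract against the identity-store export and test every terminated account rather than a sample. The script below is an added example, not from the quiz or from ISACA. Both extracts are constructed sample data, the column names and the audit date are assumptions, and the 90-day window is the policy stated in question 6; the point it makes is that an account can be compliant with that policy and still have been used after the person left.

```python
"""Whole-population test of terminated-user deactivation (questions 6 and 29).

Added example, not from the quiz or from ISACA. The HR extract, the identity
store export, their column names and the audit date are constructed
(assumption). The 90-day deadline is the policy quoted in question 6.
"""
import csv
from datetime import date
from io import StringIO

POLICY_DAYS = 90  # deactivation deadline from the question's IS policy

# Constructed HR extract: who was terminated and when
HR_TERMINATIONS = """\
user_id,termination_date
jdoe,2024-01-15
asmith,2024-02-01
bwong,2024-03-10
dlee,2023-11-01
"""

# Constructed identity-store export: status, deactivation date, last login
IAM_EXPORT = """\
user_id,status,deactivated_on,last_login
jdoe,disabled,2024-01-20,2024-01-14
asmith,disabled,2024-04-25,2024-02-20
bwong,enabled,,2024-03-28
dlee,disabled,2024-02-15,2023-10-30
cpark,enabled,,2024-03-29
"""


def parse_date(text):
    return date.fromisoformat(text) if text else None


def check_terminated_accounts(hr_csv, iam_csv, as_of):
    """One result per terminated user: how long the account stayed usable,
    whether the policy window was met, and whether the account was used
    after the termination date."""
    iam = {r["user_id"]: r for r in csv.DictReader(StringIO(iam_csv))}
    results = []
    for row in csv.DictReader(StringIO(hr_csv)):
        uid = row["user_id"]
        terminated = parse_date(row["termination_date"])
        acct = iam.get(uid)
        if acct is None:  # terminated person with no account: nothing to disable
            results.append({"user_id": uid, "status": "no_account",
                            "exposure_days": 0, "used_after_termination": False})
            continue
        deactivated = (parse_date(acct["deactivated_on"])
                       if acct["status"] == "disabled" else None)
        # Exposure runs from termination until deactivation, or until the
        # audit date if the account is still enabled.
        exposure = ((deactivated or as_of) - terminated).days
        last_login = parse_date(acct["last_login"])
        if deactivated is None:
            status = "still_active"
        elif exposure > POLICY_DAYS:
            status = "outside_policy"
        else:
            status = "within_policy"
        results.append({
            "user_id": uid,
            "status": status,
            "exposure_days": exposure,
            "used_after_termination": last_login is not None and last_login > terminated,
        })
    return results


def summarize(results):
    """Counts per status plus the users whose credentials were used after
    termination, which matters even when the 90-day policy was met."""
    counts = {}
    for r in results:
        counts[r["status"]] = counts.get(r["status"], 0) + 1
    used = sorted(r["user_id"] for r in results if r["used_after_termination"])
    return counts, used


def audit_sample(as_of="2024-04-30"):
    """Run the test over the constructed extracts as of the given audit date."""
    return check_terminated_accounts(HR_TERMINATIONS, IAM_EXPORT,
                                     date.fromisoformat(as_of))


if __name__ == "__main__":
    findings = audit_sample()
    for finding in findings:
        print(finding)
    print(summarize(findings))
```

Every terminated user is examined, so the result is a population test rather than a sample. In the constructed data, asmith was deactivated inside the 90-day window and is therefore "compliant", yet the account logged in nineteen days after termination; that is the evidence an auditor needs for recommending that the policy require deactivation at termination rather than reporting the control as effective.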