CISA Exam-Test 29

1. The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to:
- achieve performance improvement.
- ensure the confidentiality of data.
- provide user authentication.
- ensure availability of data.
Explanation: RAID level 1 provides disk mirroring. Data written to one disk are also written to another disk. Users in the network access data on the first disk; if disk one fails, the second disk takes over. This redundancy ensures the availability of data.

2. Which of the following is the BEST indicator of the effectiveness of backup and restore procedures while restoring data after a disaster?
- Backup tapes were completely restored at an alternate site.
- Members of the recovery team were available.
- Inventory of backup tapes was properly maintained.
- Recovery time objectives (RTOs) were met.
Explanation: The effectiveness of backup and restore procedures is best ensured by recovery time objectives (RTOs) being met, because these are the requirements critically defined during the business impact analysis stage, with the input and involvement of all business process owners.

3. During which phase of the incident management life cycle should metrics such as "mean time to incident discovery" and "cost of recovery" be reported?
- Post-incident assessment
- Detection, triage, and investigation
- Planning and preparation
- Containment, analysis, tracking, and recovery

4. What is the BEST backup strategy for a large database with data supporting online sales?
- Mirrored hard disks
- Weekly full backup with daily incremental backup
- Clustered servers
- Daily full backup
Explanation: Mirrored hard disks will ensure that all data are backed up to more than one disk, so that a failure of one disk will not result in loss of data.

5. An IS auditor observed that multiple applications are hosted on the same server. The recovery time objective (RTO) for the server will be:
- based on the application with the longest RTO.
- independent of the RTO and based on the criticality of the application.
- based on the mean of each application's RTO.
- based on the application with the shortest RTO.
Explanation: When several applications are hosted on a server, the server's RTO must be determined by taking the RTO of the most critical application, which is the shortest RTO.

6. Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?
- Developers are able to approve their own releases.
- Release documentation is not updated to reflect successful deployment.
- Testing documentation is not attached to production releases.
- Test libraries have not been reviewed in over six months.

7. In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
- Maintaining system software parameters
- Ensuring grandfather-father-son file backups
- Ensuring periodic dumps of transaction logs
- Maintaining important data at an offsite location
Explanation: Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historic data. Because online systems do not have a paper trail that can be used to recreate data, maintaining transaction logs is critically important to prevent data loss. The volume of activity usually associated with an online system may make other, more traditional methods of backup impractical.

8. During an application audit, the IS auditor finds several problems related to corrupt data in the database. Which of the following is a corrective control that the IS auditor should recommend?
- Ensure that only authorized personnel can update the database.
- Proceed with restore procedures.
- Define the standards, and closely monitor them for compliance.
- Establish controls to handle concurrent access problems.
Explanation: Proceeding with restore procedures is a corrective control. Restore procedures can be used to recover databases to their last-known archived version.

9. Which of the following BEST describes the relationship between vulnerability scanning and penetration testing?
- The scope of both is determined primarily by the likelihood of exploitation.
- Both utilize a risk-based analysis that considers threat scenarios.
- For entities with regulatory drivers, the two tests must be the same.
- Both are labor-intensive in preparation, planning and execution.

10. Which of the following is the MOST important function to be performed by IS management when a service has been outsourced?
- Monitoring the outsourcing provider's performance
- Ensuring that invoices are paid to the provider
- Participating in systems design with the provider
- Renegotiating the provider's fees

11. While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be:
- shadow file processing.
- electronic vaulting.
- hard-disk mirroring.
- hot-site provisioning.
Explanation: In shadow file processing, exact duplicates of the files are maintained at the same site or at a remote site. The two files are processed concurrently. This is used for critical data files such as airline booking systems.

12. If a database is restored using before-image dumps, where should the process begin following an interruption?
- After the last transaction
- Before the last transaction
- As the last transaction before the latest checkpoint
- As the first transaction after the latest checkpoint
Explanation: If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken.

13. Which of the following is the PRIMARY reason for an IS auditor to use computer-assisted audit techniques (CAATs)?
- To conduct automated sampling for testing
- To perform direct testing of production data
- To efficiently test an entire population
- To enable quicker access to information
Explanation: CAATs could aid significantly in the effective and efficient detection of irregularities or illegal acts.

14. Which of the following would BEST support 24/7 availability?
- Daily backup
- Mirroring
- Periodic testing
- Offsite storage
Explanation: Mirroring of critical elements is a tool that facilitates immediate (failover) recoverability.

15. An IS auditor notes during an audit that an organization's business continuity plan (BCP) does not adequately address information confidentiality during the recovery process. The IS auditor should recommend that the plan be modified to include:
- the level of information security required when business recovery procedures are invoked.
- information security roles and responsibilities in the crisis management structure.
- information security resource requirements.
- change management procedures for information security that could affect business continuity arrangements.
Explanation: The business should consider whether the information security levels required during recovery should be the same as, lower than or higher than when business is operating normally. In particular, any special rules for access to confidential data during a crisis need to be identified.

16. Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)?
- Continuous data backup
- Disk-based snapshots
- Disk-to-tape backup
- Virtual tape libraries
Explanation: The recovery point objective (RPO) is based on the acceptable data loss in the case of a disruption. In this scenario the organization needs a short RPO, and continuous data backup is the best option.

17. An IS auditor finds that, in accordance with IS policy, IDs of terminated users are deactivated within 90 days of termination. The IS auditor should:
- report that the control is operating effectively since deactivation happens as per the IS policy.
- recommend that activity logs of terminated users be reviewed on a regular basis.
- recommend changes to the IS policy to ensure deactivation of user IDs upon termination.
- verify that user access rights have been granted on a need-to-have basis.

18. An IS auditor is performing a review of the disaster recovery hot site used by a financial institution. Which of the following would be the GREATEST concern?
- Servers at the hot site do not have the same specifications as at the main site.
- System administrators use shared accounts which never expire at the hot site.
- Physical security controls at the hot site are less robust than at the main site.
- Disk space utilization data are not kept current.
Explanation: Not knowing how much disk space is in use and, therefore, how much is needed at the disaster recovery site could create major issues in the case of a disaster.

19. Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
- Define a balanced scorecard (BSC) for measuring performance
- Select projects according to business benefits and risks
- Modify the yearly process of defining the project portfolio
- Consider user satisfaction in the key performance indicators (KPIs)

20. Which of the following would an IS auditor consider to be the MOST important to review when conducting a disaster recovery audit?
- A hot site is contracted for and available as needed.
- A business continuity manual is available and current.
- Media backups are performed on a timely basis and stored offsite.
- Insurance coverage is adequate and premiums are current.
Explanation: Without data to process, all other components of the recovery effort are in vain. Even in the absence of a plan, recovery efforts of any type would not be practical without data to process.

21. Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?
- Mean time between failures
- Minimum operating requirements
- Acceptable data loss
- Acceptable time for recovery
Explanation: Recovery point objectives (RPOs) are the level of data loss/reworking an organization is willing to accept.

22. Which of the following ensures the availability of transactions in the event of a disaster?
- Transmit transactions offsite in real time.
- Send tapes daily containing transactions offsite.
- Capture transactions to multiple storage devices.
- Send tapes hourly containing transactions offsite.
Explanation: The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility.

23. An organization plans to launch a social media presence as part of a new customer service campaign. Which of the following is the MOST significant risk from the perspective of potential litigation?
- There is a lack of clear procedures for responding to customers on social media outlets.
- Approved employees can use personal devices to post on the company's behalf.
- The policy stating what employees can post on the organization's behalf is unclear.
- Access to corporate-sponsored social media accounts requires only single-factor authentication.

24. An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:
- warm site.
- dial-up site.
- duplicate processing facility.
- cold site.
Explanation: A cold site is ready to receive equipment but does not offer any components at the site in advance of the need.

25. An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the:
- ownership of intellectual property.
- access control software.
- application development methodology.
- hardware configuration.

26. Which of the following is the BEST way for an IS auditor to ensure the completeness of data collected for advanced analytics during an audit?
- Obtain access to the quality assurance (QA) system to independently download the information
- Perform additional quality control steps after selecting the samples
- Request the data owner to verify and approve the information
- Review the query or parameters used to download the data before selecting samples

27. Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly?
- Server recovery work may not meet the recovery time objective (RTO).
- Backup operational costs would significantly increase.
- Backup time would steadily increase.
- Backup operational costs would significantly increase.
Explanation: In case of a crash, recovering a server with an extensive amount of data could require a significant amount of time. If the recovery cannot meet the RTO, there will be a discrepancy in IT strategies. It is important to ensure that server restoration can meet the RTO.

28. A large chain of shops with electronic funds transfer (EFT) at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?
- Alternative standby processor onsite
- Offsite storage of daily backups
- Installation of duplex communication links
- Alternative standby processor at another network node
Explanation: Having an alternative standby processor at another network node would be the best solution. The unavailability of the central communications processor would disrupt all access to the banking network, resulting in the disruption of operations for all of the shops. This could be caused by failure of equipment, power or communications.

29. In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
- The RPO is high.
- The recovery time objective (RTO) is high.
- Disaster tolerance is high.
- The recovery point objective (RPO) is low.
Explanation: The recovery point objective (RPO) indicates the latest point in time at which it is possible to recover the data. This determines how often the data must be backed up to minimize data loss. If the RPO is low, the organization does not want to lose much data and must use a process such as data mirroring to prevent data loss.

30. A disaster recovery plan (DRP) for an organization's financial system specifies that the recovery point objective (RPO) is zero and the recovery time objective (RTO) is 72 hours. Which of the following is the MOST cost-effective solution?
- A hot site that can be operational in eight hours with asynchronous backup of the transaction logs
- Synchronous updates of the data and standby active systems in a hot site
- Distributed database systems in multiple locations updated asynchronously
- Synchronous remote copy of the data in a warm site that can be operational in 48 hours
Explanation: The synchronous copy of the data storage achieves the RPO, and a warm site operational in 48 hours meets the required RTO.