CISA—Certified Information Systems Auditor - Part 370

Mary Smith

Wed, 21 Jan 2026

1. Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?

A) Minimum operating requirements
B) Acceptable data loss
C) Mean time between failures
D) Acceptable time for recovery

2. A structured walk-through test of a disaster recovery plan involves:

A) representatives from each of the functional areas coming together to go over the plan.
B) all employees who participate in the day-to-day operations coming together to practice executing the plan.
C) moving the systems to the alternate processing site and performing processing operations.
D) distributing copies of the plan to the various functional areas for review.

3. In a contract with a hot, warm or cold site, contractual provisions should cover which of the following considerations?

A) Physical security measures
B) Total number of subscribers
C) Number of subscribers permitted to use a site at one time
D) References by other users

4. During a follow-up audit, an IS auditor finds that the auditee has updated virus scanner definitions without adopting the original audit recommendation to increase the frequency of using the scanner. The MOST appropriate action for the auditor is to:

A) prepare a follow-up audit report reiterating the recommendation.
B) escalate the issue to senior management.
C) modify the audit opinion based on the new information available.
D) conclude that the residual risk is beyond tolerable levels of risk.

5. When developing a business continuity plan, business unit management's involvement is MOST important during the:

A) performance of a business impact analysis.
B) development of business recovery procedures.
C) implementation of a document repository.
D) performance of an IT risk assessment.

1. Right Answer: B
Explanation: Recovery time objectives (RTOs) are the acceptable time delay in availability of business operations, while recovery point objectives (RPOs) are the level of data loss/reworking an organization is willing to accept. Mean time between failures and minimum operating requirements help in defining recovery strategies.

2. Right Answer: B
Explanation: A structured walk-through test of a disaster recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required. Choice B is a simulation test to prepare and train the personnel who will be required to respond to disasters and disruptions. Choice C is a form of parallel testing to ensure that critical systems will perform satisfactorily in the alternate site. Choice D is a checklist test.

3. Right Answer: C
Explanation: The contract should specify the number of subscribers permitted to use the site at any one time. Physical security measures are not a part of the contract, although they are an important consideration when choosing a third-party site. The total number of subscribers is not a consideration; what is important is whether the agreement limits the number of subscribers in a building or in a specific area. The references that other users can provide are a consideration taken before signing the contract; they are by no means part of the contractual provisions.

4. Right Answer: C
Explanation:

5. Right Answer: B
Explanation: