DM4: IS Business Resilience and Maintenance Management

Question 1

What is the purpose of using separate conduits for data and electrical cables?

Answer 1

To reduce data corruption due to magnetics fields created by electrical currents.

Question 2

What are the primary operating system access control functions?

Answer 2

log user activities and log events (think Event Viewer on PC)

Question 3

Which types of cabling are insecure?

Answer 3

Coaxial and copper wire

Question 4

Which type of cabling is most secure?

Answer 4

Fiber optic cable

Question 5

What are the risks involved in spooling printed reports for offline printing?

Answer 5

Additional report copies can be printed by unauthorized individuals

Question 6

What is a common gateway interface (CGI)?

Answer 6

it’s the standard way for a web server to pass a user’s request to an application and move data back and forth

Question 7

What are the common types of enterprise back-end devices?

Answer 7

print servers, file servers, application servers, web servers, proxy servers, database servers, and appliances

Question 8

What are enterprise appliances (specialized devices)?

Answer 8

devices that provide a specific services such as firewalls, IDS’s, IPS’s, switches, routers, VPNs, and load balancers

Question 9

What is the purpose of a proxy server?

Answer 9

the provide a link between users and resources and access resources on behalf of the user, sometimes providing more secure and faster response

Question 10

What are the common risks related to USBs?

Answer 10

viruses and malicious software;
data thefts;
data/media loss;
corruption of data;
loss of confidentiality

Question 11

What are some security controls for use of USBs?

Answer 11

encryption;
granular control;
security personnel education;
locked desktop policies;
antivirus policy

Question 12

What are areas to review when auditing a hardware maitenance program?

Answer 12

hardware acquisition plan;
actual acquisition;
IT asset management;
capacity management;
preventative maintenance schedule;
problem logs

Question 13

What information do you need for each asset in an IT asset management system?

Answer 13

Owner, designated custodian, ID of asset, value of asset, loss implication/priority, location, security classification, asset group

Question 14

What does a job scheduling software provide?

Answer 14

control over scheduling jobs, tape backups, and other maintenance activities

Question 15

What should be done for high-priority jobs in a job scheduler?

Answer 15

they should be given optimal resources and be performed in nonpeak times

Question 16

In regards to system interfaces, what is a critical area that should be verified?

Answer 16

data residing on sending systems are precisely the same data being recorded in the receiving system; encryption is being used

Question 17

What is the goal of data governance?

Answer 17

stakeholder needs can be managed;
direction for data management;
performance management;

Question 18

What are the three types of data quality?

Answer 18

intrinsic, contextual, and security/accessibility

Question 19

What is intrinsic data quality?

Answer 19

the extent to which data values are in conformance with actual or true values

Question 20

What is contextual data quality?

Answer 20

the extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, recognizing that information quality depends on the context of use

Question 21

What is accessibility data quality?

Answer 21

the extent to which information is available or obtainable

Question 22

What are the five phases of the data life cycle?

Answer 22

1. Plan
2. Design
3. Build/Acquire
4. Use/Operate
5. Monitor
6. Dispose

Question 23

What are the FIRST 3 phases of the data life cycle and their purpose?

Answer 23

1. Plan - creation, acquisition, and use of the information resource is prepared. (E.g., understanding information, value of information, identifying objectives)

2 - Design - how the information will look and how the systems processing the information will have to work (e.g., standards, data definitions)

3. Build/acquire - when the information resource is actually acquired (e.g., creation of data, purchase of data, loading of data)

Question 24

What are the LAST 3 phases of the data life cycle and their purpose?

Answer 24

4. Use/operate - storing/sharing/use of information resources
5. Monitor - ensuring that information resources continue to work properly
6. Dispose - information is transferred or retained for a specified period, destroyed, or archived

Question 25

What is the significance of Operating System (OS) integrity?

Answer 25

protects itself from deliberate and inadvertent modification;
ensures that privileged programs cannot be interfered with by user programs;
provides process isolation to ensure that concurrent processes wont interfere with each other and least privilege is enforced for processes

Question 26

What is one way to protect system logs from being altered by intruders?

Answer 26

Using a security information and event management (SIEM) software

Question 27

What are the three components of a data communication system?

Answer 27

1. transmitter (source)
2. transmission patch (channel or line)
3. receiver

Question 28

What is a utility program?

Answer 28

system software used to perform maintenance and routines that frequently are required during normal processing operations.

Question 29

What is the primary functional uses of a utility programs?

Answer 29

understanding application systems; assessing or testing data quality; testing a programs ability to function correctly; assisting in faster program development; improving operational efficiency

Question 30

What are the two types of licensing?

Answer 30

free and paid

Question 31

What are example of free licensing?

Answer 31

open source, freeware, shareware

Question 32

What are examples of paid licensing?

Answer 32

licensing per: CPU, seat, concurrent user, utilization, workstation, enterprise

Question 33

If reviewing licensing for an organization, what should an IS auditor look for?

Answer 33

list of all standard, used, and licensed software;
all contracts;
network scans of software;
compare contracts to installed software

Question 34

What is capacity management?

Answer 34

the planning and monitoring of computing and network resources to ensure that the available resources are used efficiently and effectively

Question 35

What are the benefits and drawbacks of application stacking?

Answer 35

benefits:
allows the organization to make better use of resources as apps are consolidated to large servers

drawbacks:
increases the impact of a server outage and affects more applications when a server needs to be shut down

Question 36

What is the first step of a capacity management plan?

Answer 36

understanding of current and future requirements for IT resources

Question 37

What is the difference between problem and incident management?

Answer 37

problem management focuses on resolving issuing through investigation and analysis of a major incident or several incidents that a similar to find a root cause; incident management focuses on providing increased continuity of service by reducing disturbances to IT services

Question 38

What is an essential step of incident handling?

Answer 38

determining impact and urgency then prioritizing based on these values

Question 39

What is the goal of service-level management?

Answer 39

maintain and improve customer satisfaction and to imporve the service delivered

Question 40

What are major considerations for SLA delivery?

Answer 40

accuracy, completeness, timeliness, security

Question 41

Why is a data definition language (DDL) implemented in on a DBMS?

Answer 41

creates a schema representation used to interpret and respond to users request.

Question 42

What is a data dictionary/directory system (DD/DS) used for?

Answer 42

to define and store source and object forms of all data definitions for external schemas, conceptual schemas, the internal schema, and all associated mappings

Question 43

What functions does a data dictionary/directory system (DD/DS) serve?

Answer 43

data definition language (DDL) processor;
validation of defintions;
prevention of unauthorized access to metadata;
interrogation and reporting facilities for DBAs

Question 44

What are the three types of DBMS structures?

Answer 44

network, hierarchical, relational

Question 45

What is a network DBMS structure?

Answer 45

data modeling is based on “sets” created by owner and member record types.

Question 46

What is a hierarchical DBMS structure?

Answer 46

data is structured in parent and child segments and typically 1:N relationships. child segments can have only one parent segment so duplication is necessary for multiple relationships

Question 47

What is a relational DBMS structure?

Answer 47

you know what a relational DBMS is… tables, views, keys, etc.

Question 48

What does normalization of a relational DBMS accomplish?

Answer 48

minimizes the amount of information needed in tables to satisfy queries

Question 49

What is the most important thing to consider when reviewing databases?

Answer 49

integrity

Question 50

What are the main considerations of when performing a BIA?

Answer 50

the importance and criticality of each process;
what are the critical information resources;
what is the critical recovery time period

Question 51

What are the four classifications of systems in a BIA?

Answer 51

critical, vital, sensitive, noncritical

Question 52

What is the difference between the four classifications of systems?

Answer 52

Critical - functions cant be performed unless completely replaced (non-manual methods). Very low interruption tolerance and very high cost of interruption.

Vital - functions that can be performed manually but only for a short period. High tolerance to interruption and lower costs of interruption if corrected within 5 days.

Sensitive - can be performed manually at a tolerable cost for an extended period of time, though may be difficult.

Nonsensitive - can be interrupted for an extended period of time at little to no cost

Question 53

What is a cluster (clustering)?

Answer 53

protects from single point of failure; type of software/agent that is installed on every server/node in which the application runs and includes management software that permits control of and tuning the cluster behavior,

Question 54

What is an active-active cluster?

Answer 54

The application runs on every node in a cluster and information processing is coordinated between all the nodes, providing load balancing and concurrent data access.

This also has impacts on network latency

Question 55

What is an active-passive cluster?

Answer 55

The application runs on only one node and other nodes are used if the application fails on the active node and is viable for application availability

Question 56

What is alternate routing?

Answer 56

method of routing information via an alternate medium using different networks, circuits, and end points in case the primary network is not available

Question 57

What is diverse routing?

Answer 57

method of routing traffic through split cable facilities or duplicate cable facilities, either in separate or the same conduits.

Question 58

What are the four types of disk-based backup systems?

Answer 58

virtual tape libraries; host-based replication; disk-array-based replication; snapshots

Question 59

How do virtual tape libraries (VTL) function?

Answer 59

Consist of disk storage and software that control backup and recovery data sets. Data is stored on a disk array and VTL disks are replicated from a primary site to a backup site using hardware based replication

Question 60

How does host-based replication work?

Answer 60

executed at the server level, this replication occurs in real-time or with some delay. Data is not written to the primary site until confirmation is received that the data was successfully written to the backup site

Question 61

What is the first step of preparing a BCP?

Answer 61

identifying the business processes of strategic importance

Question 62

What is the first step of the risk management process?

Answer 62

a risk assessment

Question 63

What should a risk assessment consider?

Answer 63

resources (HR, data, infrastructure); potential vulnerabilities; existing risk mitigation controls; probability of impact

Question 64

What should be considered when establishing a BCP?

Answer 64

critical operations for the survival of an organization;
human/material resources needed to support them

Question 65

In a BCP, the value of an application is proportional to what?

Answer 65

the role of the system in supporting the strategy of the organization

Question 66

Steps should always be taken to reduce the likelihood of disruption, what are possible methods of doing this?

Answer 66

considering location (environmental risks); use resilient network topographies (alternative routing, etc.)

Question 67

What is one KEY output of a risk assessment when examining an organization with multiple systems?

Answer 67

a dependencies map of critical business processes and applications with documented threats and vulnerabilities to these dependencies

Question 68

Why is a business continuity POLICY important?

Answer 68

it is a communication to internal stakeholders regarding the efforts and expectations;
its a communication to external stakeholders to show the organization is taking it seriously;
it states and empowers those who have responsibility;
includes guiding principles

Question 69

What are the four levels of incidents?

Answer 69

negligible, minor, major, crisis

Question 70

What plan documents SHOULD a BCP include?

Answer 70

continuity of operations plan;
disaster recovery plan;
business resumption plan

Question 71

What plan documents MIGHT, though dependent on the organization, a BCP include?

Answer 71

continuity of support plan;
IT contingency plan;
incident response plan;
transportation plan;
occupant emergency plan;
evacuation plan;
relocation plan

Question 72

When test a BCP, what should be accomplished?

Answer 72

verify the completeness and precision of BCP;
evaluate the performance of the personnel in the test;
evaluate training and awareness of employees not on BCP team

Question 73

What should be done following the completion of a BCP test?

Answer 73

Results analysis; considering elapsed time, amount of work, total vital records secured, and accuracy

Question 74

Who is responsible for maintaining a BCP?

Answer 74

BCP coordinator (most often)

Question 75

What are some of the responsibilities of a BCP coordinator when maintaining a BCP?

Answer 75

scheduling periodic reviews,
call for revisions;
coordinate tests;
develop training;
maintain records of training

Question 76

When reviewing the BCP, what are the major steps an IS Auditor should take?

Answer 76

1. review the document
2. review the applications covered by the plan
3. review the established teams
4. review plan testing procedures
5. evaluate prior results
6. evaluate offsite storage and offsite security

Question 77

What should be considered when evaluating an organizations offsite storage facility?

Answer 77

the presence, synchronization, and curreny of critical media and documentation (e.g., data files, application software, application documentation, operations documentation)

Question 78

What should an IS auditor look for when reviewing the contract with the alternative processing facility?

Answer 78

to ensure reliability and that all agreeements are documented; ensure that insurance covers aligns with disaster expenses; ensure that tests are done at hot sites regularly; recourse of breach of contract

Question 79

What is an RTO and what is it used for?

Answer 79

Recovery time objectives (RTO) are used to determine the acceptable downtime of a system and is the earliest point in time in which operations must resume

Question 80

What is an RPO and what is it used for?

Answer 80

Recovery point objectives (RPO) are used to determine the acceptable data loss and is the earliest point in time in which data can be recovered

Question 81

If an application has a low RPO, what type of recovery strategy would be useful? A high RPO?

Answer 81

LOW - means that it cannot handle much data loss and needs near real-time data strategy (e.g., mirroring, replication, disk backups, snapshots)

HIGH: means it can accept loss of data. tape backups, log shipping

Question 82

If an application has a low RTO, what type of recovery strategy would be useful? A high RTO?

Answer 82

LOW - means that is must be re-initialized quickly (e.g., active-active clusters, active-passive clusters,, hot standby)

HIGH - less quick recovery (e.g., cold standby)

Question 83

What are some examples of incidents where a DRP may need to be invoked?

Answer 83

loss of network connection;
loss of key IT system;
loss of a processing site;
loss of critical data;
loss of an office;
loss of key service provider