Domain 4: Information Systems Operations and Business Resilience - PART 4B Flashcards
The activation of an enterprise’s business continuity plan should be based on predetermined criteria that address the:
duration of the outage.
After a disaster declaration, the media creation date at a warm recovery site is based on the:
recovery point objective (RPO).
After completing the business impact analysis, what is the NEXT step in the business continuity planning process?
Develop recovery strategies.
Applying a retention date on a file will ensure that:
data will not be deleted before that date.
The BEST method for assessing the effectiveness of a business continuity plan is to review the:
results from previous tests.
A company with a limited budget has a recovery time objective of 72 hours and a recovery point objective of 24 hours. Which of the following would BEST meet the requirements of the business?
A warm site
The cost of ongoing operations when a disaster recovery plan (DRP) is in place, compared to not having a DRP, will MOST likely:
increase.
Depending on the complexity of an organization’s business continuity plan (BCP), it may be developed as a set of plans to address various aspects of business continuity and disaster recovery. In such an environment, it is essential that:
each plan is consistent with one another.
Determining the service delivery objective should be based PRIMARILY on:
the minimum acceptable operational capability.
A disaster recovery plan for an organization’s financial system specifies that the recovery point objective is zero and the recovery time objective is 72 hours. Which of the following is the MOST cost-effective solution?
Synchronous remote copy of the data in a warm site that can be operational in 48 hours
Disaster recovery planning addresses the:
technological aspect of business continuity planning (BCP).
Due to changes in IT, the disaster recovery plan of a large organization has been changed. What is the PRIMARY risk if the new plan is not tested?
Catastrophic service interruption
During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site’s server is slow. To find the root cause of this, the IS auditor should FIRST review the:
configurations and alignment of the primary and disaster recovery sites.
During an audit of a business continuity plan (BCP), an IS auditor found that, although all departments were housed in the same building, each department had a separate BCP. The IS auditor recommended that the BCPs be reconciled. Which of the following areas should be reconciled FIRST?
Evacuation plan
During an IS audit of the disaster recovery plan of a global enterprise, the auditor observes that some remote offices have very limited local IT resources. Which of the following observations would be the MOST critical for the IS auditor?
A test has not been made to ensure that local resources could maintain security and service standards when recovering from a disaster or incident.
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that:
execution of the disaster recovery plan could be impacted.
During the design of a business continuity plan, the business impact analysis identifies critical processes and supporting applications. This will PRIMARILY influence the:
recovery strategy.
A financial institution that processes millions of transactions each day has a central communications processor (switch) for connecting to automated teller machines. Which of the following would be the BEST contingency plan for the communications processor?
Alternate processor at another network node
For effective implementation after a business continuity plan (BCP) has been developed, it is MOST important that the BCP be:
communicated to appropriate personnel.
The frequent updating of which of the following is key to the continued effectiveness of a disaster recovery plan?
Contact information of key personnel
A hot site should be implemented as a recovery strategy when the:
disaster downtime tolerance is low.
If the recovery time objective increases:
the disaster tolerance increases.
In a contract with a hot, warm or cold site, contractual provisions should PRIMARILY cover which of the following considerations?
Number of subscribers permitted to use a site at one time
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
Ensuring periodic dumps of transaction logs
In a disaster recovery situation, which of the following is the MOST important metric to ensure that data are synchronized between critical systems?
Recovery point objective
In determining the acceptable time period for the resumption of critical business processes:
both downtime costs and recovery costs need to be evaluated.
Integrating the business continuity plan into IT project management aids in:
the development of a more comprehensive set of requirements.
In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?
Real-time replication to a remote site
In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
The recovery point objective is low.
An IS auditor can verify that an organization’s business continuity plan (BCP) is effective by reviewing the:
results of business continuity tests performed by IS and end-user personnel.
An IS auditor discovers that the disaster recovery plan (DRP) for a company does not include a critical application hosted in the cloud. Management’s response states that the cloud vendor is responsible for disaster recovery (DR) and DR-related testing. What is the NEXT course of action for the IS auditor to pursue?
Review the vendor contract to determine its DR capabilities.
An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if:
the servers are clustered in one site.
An IS auditor is auditing an IT disaster recovery plan. The IS auditor should PRIMARILY ensure that the plan covers:
analysis and prioritization of business functions.
An IS auditor is conducting a review of the disaster recovery procedures for a data center. Which of the following indicators BEST shows that the procedures meet the requirements?
A tabletop exercise using the procedures was conducted.
An IS auditor is performing an audit in the data center when the fire alarm begins sounding. The audit scope includes disaster recovery, so the auditor observes the data center staff response to the alarm. Which of the following is the MOST important action for the data center staff to complete in this scenario?
Ensure all persons in the data center are evacuated.
An IS auditor is performing a review of the disaster recovery hot site used by a financial institution. Which of the following would be the GREATEST concern?
Disk space utilization data are not kept current.
An IS auditor is reviewing an organization’s recovery from a disaster in which not all the critical data needed to resume business operations were retained. Which of the following was incorrectly defined?
The recovery point objective
An IS auditor is reviewing the most recent disaster recovery plan of an organization. Which approval is the MOST important when determining the availability of system resources required for the plan?
IT management
An IS auditor notes during an audit that an organization’s business continuity plan does not adequately address information confidentiality during the recovery process. The IS auditor should recommend that the plan be modified to include:
the level of information security required when business recovery procedures are invoked.
An IS auditor observed that multiple applications are hosted on the same server. The recovery time objective (RTO) for the server will be:
based on the application with the shortest RTO.
An IS auditor reviewing an organization’s disaster recovery plan should PRIMARILY verify that it is:
regularly reviewed and updated.
It is MOST appropriate to implement an incremental backup scheme when:
there is limited media capacity.
IT management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend:
reinstating the offsite backups.
A large chain of shops with electronic funds transfer at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?
Alternative standby processor at another network node
A live test of a mutual agreement for IT system recovery has been carried out, including a four-hour test of intensive usage by the business units. The test has been successful, but gives only partial assurance that the:
system and the IT operations team can sustain operations in the emergency environment.
A lower recovery time objective results in:
higher cost.
The MAIN criterion for determining the severity level of a service disruption incident is:
downtime.
The MAIN purpose for periodically testing offsite disaster recovery facilities is to:
ensure the continued compatibility of the contingency facilities.