Domain 4: IT Operations

Question 1

Protocol analyzers

Answer 1

Protocol analyzers are network diagnostic tools that monitor and record network information from packets traveling in the link to which the analyzer is attached.

Question 2

Capacity management

Answer 2

Capacity management is the planning and monitoring of computer resources to ensure that available IT resources are used efficiently and effectively. This will look at capacity from a strategic viewpoint and allow a plan to forecast and purchase additional equipment in a planned manner.

Question 3

Parameter Settings

Answer 3

Configuration parameters allow a standard piece of software to be customized for diverse environments and are important in determining how a system runs. The parameter settings should be appropriate to an organization’s workload and control environment.

Question 4

control to monitor the service level agreement (SLA)

Answer 4

Comparing internal reports with the vendor’s service level agreement (SLA) reports would ensure that the vendor’s monitoring of the SLA is accurate and that all conflicts are appropriately resolved.

Question 5

Open Source Software

Answer 5

There are many types of open source software licenses and each has different terms and conditions. Some open source software licensing allows use of the open source software component freely, but requires that the completed software product must also allow the same rights. This is known as viral licensing, and if the development organization is not careful, its products could violate licensing terms by selling the product for profit. The IS auditor should be most concerned with open source software licensing compliance to avoid unintended intellectual property risk or legal consequences.

Question 6

Cyclic Redundancy Check

Answer 6

The cyclic redundancy check (CRC) can check for a block of transmitted data. The workstations generate the CRC and transmit it with the data. The receiving workstation computes a CRC and compares it to the transmitted CRC. If both of them are equal, then the block is assumed error free. In this case (such as in parity error or echo check), multiple errors can be detected. In general, CRC can detect all single-bit and double-bit errors.

Question 7

Parity Check

Answer 7

Parity check (known as vertical redundancy check) also involves adding a bit (known as the parity bit) to each character during transmission. In this case, where there is a presence of bursts of errors (i.e., impulsing noise during high transmission rates), it has a reliability of approximately 50 percent. In higher transmission rates, this limitation is significant.

Question 8

echo checks

Answer 8

Echo checks detect line errors by retransmitting data to the sending device for comparison with the original transmission.

Question 9

Alternative Routing

Answer 9

Alternative routing would ensure that the network would continue if a communication device fails or if a link is severed because message rerouting could be automatic.Alternative routing is a method of routing information via an alternate medium such as copper cable or fiber optics

Question 10

User spool and database limit controls

Answer 10

User spool limits restrict the space available for running user queries. This prevents poorly formed queries from consuming excessive system resources and impacting general query performance. Limiting the space available to users in their own databases prevents them from building excessively large tables. This helps to control space utilization which itself acts to help performance by maintaining a buffer between the actual data volume stored and the physical device capacity

Question 11

Diverse routing

Answer 11

Diverse routing routes traffic through split-cable facilities or duplicate-cable facilities. This can be accomplished with different and/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit and, therefore, subject to the same interruptions as the cable it is backing up.

Question 12

Computer clocks across an organization be synchronized

Answer 12

During an investigation of incidents, audit logs are used as evidence, and the time stamp information in them is useful. If the clocks are not synchronized, investigations will be more difficult because a time line of events occurring on different systems might not be easily established.

Question 13

Management of Storage Growth

Answer 13

In case of a crash, recovering a server with an extensive amount of data could require a significant amount of time. If the recovery cannot meet the RTO, there will be a discrepancy in IT strategies. It is important to ensure that server restoration can meet the RTO.

Question 14

central communications processor

Answer 14

Alternative standby processor at another network node

Question 15

tape management system

Answer 15

If the IS auditor finds that there are effective staging and job setup processes, this can be accepted as a compensating control. Not reading header records may otherwise result in loading the wrong tape and deleting or accessing data on the loaded tape.

Question 16

hardware maintenance schedule

Answer 16

Although maintenance requirements vary based on complexity and performance workloads, a hardware maintenance schedule should be validated against the vendor-provided specifications.

Question 17

Network monitoring Tools

Answer 17

B. Network monitoring tools allow observation of network performance and problems. This allows the administrator to take corrective action when network problems are observed. Therefore, the characteristic that benefits the most from network monitoring is availability.

Question 18

Primary Objective of Capacity Monitoring

Answer 18

monitoring technical capacity because it can help forecast future demands, not just react to system failures. However, the primary responsibility of the IT manager is to meet the overall requirement to ensure that IT is meeting the service level expectations of the business.

Question 19

Topology for Network Configuration

Answer 19

1. The first step is to understand the importance and role of the network device within the organization’s network topology.
2. Identification of which component is missing can only be known upon reviewing and understanding the topology and a good practice for deployment of the device in the network
   3.

Question 20

Resilience of a High Availability Network

Answer 20

A. Dispersed geographic locations provide backup if a site has been destroyed.

B. A clustered setup in one location makes the entire network vulnerable to natural disasters or other disruptive events.

C. A hot site would also be a good alternative for a single point-of-failure site.

D. Diverse routing provides telecommunications backup if a network is not available.

Question 21

Switches

Answer 21

Switches are at a low level of network security and transmit a packet to the device to which it is addressed. This reduces the ability of one device to capture the packets that are meant for another device.

Question 22

Routers

Answer 22

Routers allow packets to be given or denied access based on the addresses of the sender and receiver, and the type of packet.

Question 23

Retention Date

Answer 23

A retention date will ensure that a file cannot be overwritten or deleted before that date has passed.

Question 24

Server Utilization Data

Answer 24

Monitoring server utilization identifies underutilized servers and monitors overall server utilization. Underutilized servers do not provide the business with optimal cost-effectiveness. By monitoring server usage, IT management can take appropriate measures to raise the utilization ratio and provide the most effective return on investment (ROI).

Question 25

unshielded twisted-pair (UTP)

Answer 25

The use of unshielded twisted-pair (UTP) in copper will reduce the likelihood of crosstalk.

Question 26

Server Failure

Answer 26

Clustering allows two or more servers to work as a unit so that when one of them fails, the other takes over.

Question 27

Redundant Pathways

Answer 27

Redundant pathways will minimize the impact of channel communications failures but will not address the problem of server failure.

Question 28

Availability Monitoring

Answer 28

When it comes to capacity monitoring- availability monitoring through the use of continuous monitoring is KEY