Domain 4 Practice Questions

Question 1

Which of the following provides the BEST method for determining the level of performance provided by similar information processing facility environments?

Answer 1

Benchmarking

Question 2

For mission critical systems with a low tolerance to interruption and a high cost of recovery, the IS auditor, in principle, recommends the use of which of the following recovery options?

Answer 2

Hot site

Question 3

Which of the following is the MOST effective method for an IS auditor to use in testing the program change management process?

Answer 3

Trace from system-generated information to the change management documentation

Question 4

Which of the following would allow an enterprise to extend its intranet across the Internet to its business partners?

Answer 4

VPN

Question 5

The classification based on criticality of a software application as part of an IS business continuity plan is determined by the:

Answer 5

nature of the business and the value of the application to the business

Question 6

When conducting an audit of client-server database security, the IS auditor should be MOST concerned about the availability of:

Answer 6

system utilities

Question 7

When reviewing a network used for Internet communications, an IS auditor will FIRST examine the:

Answer 7

network architecture and design

Question 8

An IS auditor should be involved in:

Answer 8

observing tests of the disaster recovery plan

Question 9

Data mirroring should be implemented as a recovery strategy when:

Answer 9

recovery point objective (RPO) is low

Question 10

Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization’s IS department?

Answer 10

Restoring the IT systems and data after a disaster