CISA—Certified Information Systems Auditor - Part 323

Mary Smith

Mon, 20 Apr 2026

1. To address an organization's disaster recovery requirements, backup intervals should not exceed the:

A) service level objective (SLO).
B) recovery time objective (RTO).
C) recovery point objective (RPO).
D) maximum acceptable outage (MAO).



2. After completing the business impact analysis (BIA), what is the next step in the business continuity planning process?

A) Test and maintain the plan.
B) Develop a specific plan.
C) Develop recovery strategies.
D) Implement the plan.



3. Which of the following is an appropriate test method to apply to a business continuity plan (BCP)?

A) Pilot
B) Paper
C) Unit
D) System



4. An IS auditor has audited a business continuity plan (BCP). Which of the following findings is the MOST critical?

A) Nonavailability of an alternate private branch exchange (PBX) system
B) Absence of a backup for the network backbone
C) Lack of backup systems for the users' PCs
D) Failure of the access card system



5. As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis?

A) Organizational risks, such as single point-of-failure and infrastructure risk
B) Threats to critical business processes
C) Critical business processes for ascertaining the priority for recovery
D) Resources required for resumption of business



1. Right Answer: C
Explanation: The recovery point objective (RPO) defines the point in time to which data must be restored after a disaster so as to resume processing transactions. Backups should be performed in a way that the latest backup is no older than this maximum time frame. If service levels are not met, the usual consequences are penalty payments, not cessation of business. Organizations will try to set service level objectives (SLOs) so as to meet established targets. The resulting time for the service level agreement (SLA) will usually be longer than the RPO. The recovery time objective (RTO) defines the time period after the disaster in which normal business functionality needs to be restored. The maximum acceptable outage (MAO) is the maximum amount of system downtime that is tolerable. It can be used as a synonym for RTO. However, the RTO denotes an objective/target, while the MAO constitutes a vital necessity for an organization's survival.

2. Right Answer: C
Explanation: The next phase in the continuity plan development is to identify the various recovery strategies and select the most appropriate strategy for recovering from a disaster. After selecting a strategy, a specific plan can be developed, tested and implemented.

3. Right Answer: B
Explanation: A paper test is appropriate for testing a BCP. It is a walkthrough of the entire plan, or part of the plan, involving major players in the plan's execution, who reason out what may happen in a particular disaster. Choices A, C and D are not appropriate for a BCP.

4. Right Answer: B
Explanation: Failure of a network backbone will result in the failure of the complete network and impact the ability of all users to access information on the network. The nonavailability of an alternate PBX system will result in users not being able to make or receive telephone calls or faxes; however, users may have alternate means of communication, such as a mobile phone or e-mail. Lack of backup systems for user PCs will impact only the specific users, not all users. Failure of the access card system impacts the ability to maintain records of the users who are entering the specified work areas; however, this could be mitigated by manual monitoring controls.

5. Right Answer: C
Explanation: The identification of the priority for recovering critical business processes should be addressed first. Organizational risks should be identified next, followed by the identification of threats to critical business processes. Identification of resources for business resumption will occur after the tasks mentioned.
