The MOST significant level of effort for business continuity
planning (BCP) generally is required during the:
A. testing stage.
B. evaluation stage.
C. maintenance stage.
D. early stages of planning.
- 2 Answers
- 8917 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
A company in the early stages of a BCP will incur the most
significant level of program development effort, which will
level out as the BCP moves into maintenance, testing and
evaluation stages. It is during the planning stage that an
IS auditor will play an important role in obtaining senior
management's commitment to resources and assignment of BCP
responsibilities.
| Is This Answer Correct ? | 10 Yes | 0 No |
Which of the following provides the GREATEST assurance of message authenticity? A. The pre-hash code is derived mathematically from the message being sent. B. The pre-hash code is encrypted using the sender's private key. C. Encryption of the pre-hash code and the message using the secret key. D. Sender attains the recipient's public key and verifies the authenticity of its digital certificate with a certificate authority.
Which of the following tests confirm that the new system can operate in its target environment? A. Sociability testing B. Regression testing C. Validation testing D. Black box testing
A database administrator is responsible for: A. defining data ownership. B. establishing operational standards for the data dictionary. C. creating the logical and physical database. D. establishing ground rules for ensuring data integrity and security.
Which of the following procedures can a biometric system perform? A. Measure airborne contamination. B. Provide security over physical access. C. Monitor temperature and humidity levels. D. Detect hazardous electromagnetic fields in an area.
The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.
Which of the following functions is performed by a virtual private network (VPN)? A. Hiding information from sniffers on the net B. Enforcing security policies C. Detecting misuse or mistakes D. Regulating access
During a review of a customer master file an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication the IS auditor would use: A. test data to validate data input. B. test data to determine system sort capabilities. C. generalized audit software to search for address field duplications. D. generalized audit software to search for account field duplications.
Which of the following steps would an IS auditor normally perform FIRST in a data center security review? A. Evaluate physical access test results. B. Determine the risks/threats to the data center site. C. Review business continuity procedures. D. Test for evidence of physical access at suspect locations.
A malicious code that changes itself with each file it infects is called a: A. logic bomb. B. stealth virus. C. trojan horse. D. polymorphic virus.
Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files
Which of the following is MOST directly affected by network performance monitoring tools? A. Integrity B. Availability C. Completeness D. Confidentiality
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
Cisco Certifications 
