After a full operational contingency test, the IS auditor
performs a review of the recovery steps and concludes that
the elapsed time until the technological environment and
systems were actually functioning, exceeded the required
critical recovery time. Which of the following should the
auditor recommend?
A. Perform an integral review of the recovery tasks.
B. Broaden the processing capacity to gain recovery time.
C. Make improvements in the facility's circulation structure.
D. Increase the amount of human resources involved in the
recovery.
- 1 Answers
- 4299 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Performing an exhaustive review of the recovery tasks would
be appropriate to identify the way these tasks were
performed, the time allocated to each of the steps required
to accomplish recovery, and determine where adjustments can
be made. Choices B, C, and D could be actions after the
described review has been completed.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
Which of the following is intended to detect the loss or duplication of input? A. Hash totals B. Check digits C. Echo checks D. Transaction codes
The process of using interpersonal communication skills to get unauthorized access to company assets is called: A. wire tapping. B. trap doors. C. war dialing. D. social engineering.
Which of the following is a strength of the program evaluation review technique (PERT) over other techniques? PERT: A. considers different scenarios for planning and control projects. B. allows the user to input program and system parameters. C. tests system maintenance processes accurately. D. estimates costs of system projects.
IS management has decided to rewrite a legacy customer relations system using fourth-generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs? A. Inadequate screen/report design facilities B. Complex programming language subsets C. Lack of portability across operating systems D. Inability to perform data intensive operations
In a client-server architecture, a domain name service (DNS) is MOST important because it provides the: A. address of the domain server. B. resolution service for the name/address. C. IP addresses for the Internet. D. domain name system.
Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.
The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.
A distinction that can be made between compliance testing and substantive testing is that compliance testing tests: A. details, while substantive testing tests procedures. B. controls, while substantive testing tests details. C. plans, while substantive testing tests procedures. D. for regulatory requirements, while substantive testing tests validations.
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is: A. data integrity. B. authentication. C. nonrepudiation. D. replay protection.
Testing the connection of two or more system components that pass information from one area to another is: A. pilot testing. B. parallel testing C. interface testing. D. regression testing.
Cisco Certifications 
