Interested to Buy Any Domain ? << Click Here >> for more details...
At the end of a simulation of an operational contingency
test, the IS auditor performed a review of the recovery
process. The IS auditor concluded that the recovery took
more than the critical time frame allows. Which of the
following actions should the auditor recommend?
A. Widen the physical capacity to accomplish better mobility
in a shorter time.
B. Shorten the distance to reach the hot site.
C. Perform an integral review of the recovery tasks.
D. Increase the number of human resources involved in the
recovery process.
- 1 Answers
- 3867 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The performance of an exhaustive review of the recovery
tasks would be appropriate to determine time invested in
each task and the way each was conducted. This would allow
the individual responsible for the test to adjust the time
assigned for the recovery tasks. The other choices could be
conclusions, once the first analysis was made.
| Is This Answer Correct ? | 3 Yes | 0 No |
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
After a full operational contingency test, the IS auditor performs a review of the recovery steps and concludes that the elapsed time until the technological environment and systems were actually functioning, exceeded the required critical recovery time. Which of the following should the auditor recommend? A. Perform an integral review of the recovery tasks. B. Broaden the processing capacity to gain recovery time. C. Make improvements in the facility's circulation structure. D. Increase the amount of human resources involved in the recovery.
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure (PKI) with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but the certificate authorities (CAs) are not. B. Customers can make their transactions from any computer or mobile device. C. The CA has several data processing subcenters to administer certificates. D. The organization is the owner of the CA.
Which of the following database administrator (DBA) activities is unlikely to be recorded on detective control logs? A. Deletion of a record B. Change of a password C. Disclosure of a password D. Changes to access rights
The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.
Which of the following BEST provides access control to payroll data being processed on a local server? A. Logging of access to personal information B. Separate password for sensitive transactions C. Software restricts access rules to authorized staff D. System access restricted to business hours
When an information security policy has been designed, it is MOST important that the information security policy be: A. stored offsite. B. written by IS management. C. circulated to users. D. updated frequently.
The use of residual biometric information to gain unauthorized access is an example of which of the following attacks? A. Replay B. Brute force C. Cryptographic D. Mimic
A hacker could obtain passwords without the use of computer tools or programs through the technique of: A. social engineering. B. sniffers. C. backdoors. D. trojan horses.
In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. there is a strategic information technology planning methodology in place. D. the plan correlates business objectives to IS goals and objectives.
In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, an IS auditor should: A. identify and assess the risk assessment process used by management. B. identify information assets and the underlying systems. C. disclose the threats and impacts to management. D. identify and evaluate the existing controls.
The information that requires special precaution to ensure integrity is termed? A. Public data B. Private data C. Personal data D. Sensitive data
Cisco Certifications 
