Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following components of a business continuity
plan is PRIMARILY the responsibility of an organization?s IS
department?
A. Developing the business continuity plan
B. Selecting and approving the strategy for business
continuity plan
C. Declaring a disaster
D. Restoring the IS systems and data after a disaster
- 1 Answers
- 7170 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
The correct choice is restoring the IT systems and data
after a disaster. The IT department of an organization is
primarily responsible for restoring the IT systems and data
after a disaster at the earliest possible time. The senior
management of the organization is primarily responsible for
developing the business continuity plan for an organization.
They are also responsible for selecting and approving the
strategy for developing and implementing a detailed business
continuity plan. The organization should identify a person
in management as responsible for declaring a disaster.
Although IT is involved in all the other three components,
it is not primarily responsible for them.
| Is This Answer Correct ? | 4 Yes | 0 No |
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
In which of the following phases of the system development life cycle (SDLC) is it the MOST important for the IS auditor to participate? A. Design B. Testing C. Programming D. Implementation
To meet pre-defined criteria, which of the following continuous audit techniques would BEST identify transactions to audit? A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM) B. Continuous and Intermittent Simulation (CIS) C. Integrated Test Facilities (ITF) D. Audit hooks
Congestion control is BEST handled by which OSI layer? A. Data link B. Session layer C. Transport layer D. Network layer
Which of the following methods of providing telecommunication continuity involves routing traffic through split- or duplicate-cable facilities? A. Diverse routing B. Alternative routing C. Redundancy D. Long haul network diversity
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
The MOST significant level of effort for business continuity planning (BCP) generally is required during the: A. testing stage. B. evaluation stage. C. maintenance stage. D. early stages of planning.
An IS auditor discovers evidence of fraud perpetrated with a manager's user id. The manager had written the password, allocated by the system administrator, inside his/her desk drawer. The IS auditor should conclude that the: A. manager's assistant perpetrated the fraud. B. perpetrator cannot be established beyond doubt. C. fraud must have been perpetrated by the manager. D. system administrator perpetrated the fraud.
When reviewing a system development project at the project initiation stage, an IS auditor finds that the project team is following the organization's quality manual. To meet critical deadlines the project team proposes to fast track the validation and verification processes, commencing some elements before the previous deliverable is signed off. Under these circumstances, the IS auditor would MOST likely: A. report this as a critical finding to senior management. B. accept that different quality processes can be adopted for each project. C. report to IS management the team's failure to follow quality procedures. D. report the risks associated with fast tracking to the project steering committee.
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis
Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.
Cisco Certifications 
