MOST - Casansaar


Slide 1

Q Organizations practice contingency plans because it makes good business sense. Which of the following is the CORRECT sequence of steps involved in the contingency planning process?

1. Anticipating potential disasters
2. Identifying critical functions
3. Selecting contingency plan strategies
4. Identifying the resources that support critical functions

(a) 1, 2, 3, 4
(b) 1, 3, 2, 4
(c) 2, 1, 4, 3
(d) 2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitation of a disaster recovery planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who would be primarily responsible for establishing an organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q A disaster recovery plan protects against WHICH of the following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project has been obtained and resources have been authorized for the development of a disaster recovery document, the individuals who will do the actual writing of the plan should be selected on the basis of their:

(a) Technical knowledge of IS operating systems, databases and telecommunications
(b) Consulting background with hardware and software vendors
(c) Consulting experience with clients or customers in the same industry
(d) Broad perspective of the organization and ability to recognize all the possible consequences of a disaster

D. Broad perspective of the organization and ability to recognize all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of a disaster with the objectives of preventing injuries or loss of life and of:

(a) determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

Q An organization’s disaster recovery plan SHOULD address early recovery of:

A. All information system processes
B. All financial processing applications
C. Only those applications designated by the IS Manager
D. Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer system usually focuses on:

A. Operations turnover procedures
B. Strategic long range planning
C. The probability that a disaster will occur
D. Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which of the following steps would an IS auditor normally perform FIRST in a security review?

A. Evaluate physical access test results
B. Determine the risks/threats to the data center site
C. Review business continuity procedures
D. Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What is the single MAJOR item that is often ignored during the development of a disaster recovery plan for an organization?

A. Roles and responsibilities of DRP team members
B. Critical areas of threats and vulnerabilities
C. Functional user operations
D. Conducting risk or impact analysis

C. Functional user operations

Q An organization is contemplating developing a computer-related disaster recovery plan for the first time. The BEST practice would be to:

A. Follow a bottom-up approach
B. Call other companies in the same industry
C. Call a commercial backup service provider
D. Follow a top-down approach

D. Follow a top-down approach

Q The BEST approach to maintaining a contingency plan in order to recover from a computer-related disaster would be to use a:

A. Top-down approach
B. Bottom-up approach
C. Combination of top-down and bottom-up approaches
D. Consultant-directed approach

C. Combination of top-down and bottom-up approaches

Q To develop a successful business continuity plan, end user involvement is critical during which of the following phases?

A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis (BIA)
D. Testing and maintenance

C. Business impact analysis (BIA)

Q Which of the following disaster scenarios is NOT commonly considered during the development of disaster recovery and contingency planning?

A. Network failure
B. Hardware failure
C. Software failure
D. Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA), what is the next step in the business continuity planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor found that, although all departments were housed in the same building, each department had a separate business continuity plan. The IS auditor recommended that the business continuity plans be reconciled. Which of the following areas should be reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storages
D. Call tree

A. Evacuation plan

Q An IS auditor performing a review of the back-up processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies?

(a) Developments may result in hardware and software incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an organization’s computer room. The company has lost its entire computer system. The BEST thing the organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements (negotiate with other similar organizations to back each other up)
(c) Plan for warm site arrangements since everything was ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one? A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site vendor’s integrity in practices and priorities in the resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site” computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised floors.
(c) A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.
(d) A site with ready-made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to be MOST important to review when conducting a business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span of time
D. That “hot sites” do not require that equipment and systems software be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be included in a comprehensive test of disaster recovery procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application systems and data is regular backup and secure offsite storage. Which of the following decisions is LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made during the development of a disaster recovery and contingency plan?

A. Testing and maintenance of the contingency plan should be continual
B. All resources and materials required to restore the processing capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an organization to provide immediate, reliable and clear information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy-to-follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery plan should be tested. The frequency of testing SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 2

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 5

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The BEST approach to maintaining a contingency
plan in order to recover from a computer-related
disaster would be to use a:

A. Top-down approach
B. Bottom-up approach
C. Combination of top-down and bottom-up approaches
D. Consultant-directed approach

C. Combination of top-down and bottom-up approaches

Q To develop a successful business continuity plan, end
user involvement is critical during which of the
following phases?

A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis (BIA)
D. Testing and maintenance

C. Business impact analysis (BIA)

Q Which of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A. Network failure
B. Hardware failure
C. Software failure
D. Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster
recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA),
what is the next step in the business continuity
planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor
found that, although all departments were housed in the same
building, each department had a separate business continuity
plan. The IS auditor recommended that the business continuity
plans be reconciled. Which of the following areas should be
reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storage
D. Call tree

A. Evacuation plan

Q An IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements, negotiating with other similar
organizations to back each other up
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one?
A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready-made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT SITE as a backup
alternative is:

A. That the costs associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster:

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 6

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 7

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA), what is the next step in the business continuity planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor found that, although all departments were housed in the same building, each department had a separate business continuity plan. The IS auditor recommended that the business continuity plans be reconciled. Which of the following areas should be reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storage
D. Call tree

A. Evacuation plan

Q An IS auditor performing a review of the back-up processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies?

(a) Developments may result in hardware and software incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an organization’s computer room. The company has lost its entire computer system. The BEST thing the organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements: negotiate with other similar organizations to back each other
(c) Plan for warm site arrangements since everything was ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one? A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site vendor’s integrity in practices and priorities in the resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site” computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised floors.
(c) A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.
(d) A site with ready made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to be MOST important to review when conducting a business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup alternative is:

A. The costs associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span of time
D. That “hot sites” do not require that equipment and systems software be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be included in a comprehensive test of disaster recovery procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application systems and data is regular backup and secure off-site storage. Which of the following decisions is LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Companies' own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made during the development of a disaster recovery and contingency plan?

A. Testing and maintenance of the contingency plan should be continual
B. All resources and materials required to restore the processing capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an organization to provide immediate, reliable and clear information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery plan should be tested. The frequency of testing SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 8

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 9

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements: negotiate with other similar
organizations to back each other up
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales for testing a DRP is NOT a sound one?
A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready-made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 10

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 11

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an organization’s computer room. The company has lost its entire computer system. The BEST thing the organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements: negotiate with other similar organizations to back each other
(c) Plan for warm site arrangements since everything was ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one? DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site vendor’s integrity in practices and priorities in the resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site” computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised floors.
(c) A site with raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
(d) A site with ready-made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to be MOST important to review when conducting a business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span of time
D. That “hot sites” do not require that equipment and systems software be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be included in a comprehensive test of disaster recovery procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application systems and data is regular backup and secure off-site storage. Which of the following decisions is LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company’s own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made during the development of a disaster recovery and contingency plan?

A. Testing and maintenance of the contingency plan should be continual
B. All resources and materials required to restore the processing capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an organization to provide immediate, reliable and clear information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy-to-follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery plan should be tested. The frequency of testing SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 12

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 13

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item that demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 15

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy-to-follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor's recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 16

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 17

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS



Slide 20

Q Organizations practice contingency plans because it makes good business sense. Which of the following is the CORRECT sequence of steps involved in the contingency planning process?

1. Anticipating potential disasters
2. Identifying critical functions
3. Selecting contingency plan strategies
4. Identifying the resources that support critical functions

(a) 1, 2, 3, 4
(b) 1, 3, 2, 4
(c) 2, 1, 4, 3
(d) 2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitation of a disaster recovery planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who would be primarily responsible for establishing an organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q A disaster recovery plan protects against WHICH of the following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to recognize all the possible consequences of a disaster

D. Broad perspective of the organization and ability to recognize all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a) determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

Q An organization’s disaster recovery plan SHOULD address early recovery of:

A. All information system processes
B. All financial processing applications
C. Only those applications designated by the IS Manager
D. Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A. Operations turnover procedures
B. Strategic long range planning
C. The probability that a disaster will occur
D. Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which of the following steps would an IS auditor
normally perform FIRST in a security review?

A. Evaluate physical access test results
B. Determine the risks/threats to the data center site
C. Review business continuity procedures
D. Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A. Roles and responsibilities of DRP team members
B. Critical areas of threats and vulnerabilities
C. Functional user operations
D. Conducting risk or impact analysis

C. Functional user operations

Q An organization is contemplating developing a
computer-related disaster recovery plan for the first
time. The BEST practice would be to:

A. Follow a bottom-up approach
B. Call other companies in the same industry
C. Call a commercial backup service provider
D. Follow a top-down approach

D. Follow a top-down approach

Q The BEST approach to maintaining a contingency
plan in order to recover from a computer-related
disaster would be to use a:

A. Top-down approach
B. Bottom-up approach
C. Combination of top-down and bottom-up approaches
D. Consultant-directed approach

C. Combination of top-down and bottom-up approaches

Q To develop a successful business continuity plan, end
user involvement is critical during which of the
following phases:

A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis (BIA)
D. Testing and maintenance

C. Business impact analysis (BIA)

Q Which of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A. Network failure
B. Hardware failure
C. Software failure
D. Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster
recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA),
what is the next step in the business continuity
planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor
found that, although all departments were housed in the same
building, each department had a separate business continuity
plan. The IS auditor recommended that the business continuity
plans be reconciled. Which of the following areas should be
reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storages
D. Call tree.

A. Evacuation plan

Q An IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the
organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements: negotiate with other similar
organizations to back each other up
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one? A
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The costs associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company’s own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 21

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 22

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A. Network failure
B. Hardware failure
C. Software failure
D. Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster
recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA),
what is the next step in the business continuity
planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor
found that, although all departments were housed in the same
building, each department had a separate business continuity
plan. The IS auditor recommended that the business continuity
plans be reconciled. Which of the following areas should be
reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storages
D. Call tree.

A. Evacuation plan

Q An IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the
organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements - negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one?
A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The costs associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure offsite
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Companies' own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 24

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

A. Developments may result in hardware and software incompatibility
B. Resources may not be available when needed
C. The recovery plan cannot be tested
D. The security infrastructure in each company may be different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

A. Backup of compiled object programs
B. Reciprocal processing agreement
C. Phone contact list
D. Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

A. tested every 6 months
B. regularly reviewed and updated
C. approved by the Chief Executive Officer (CEO)
D. communicated to every department head in the organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

A. Availability of a cold site during the disaster
B. Time of the disaster
C. Applications affected by the disaster
D. Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

A. General ledger system
B. Supplies tracking system
C. Fixed asset system
D. Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

A. Plan for cold site arrangements
B. Plan for mutual agreements: negotiate with other similar
organizations to back each other up
C. Plan for warm site arrangements since everything was
ready to go
D. Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one?
A DRP should be tested:

A. By simulation
B. In stages
C. In an unannounced manner
D. In actual use

D. In actual use

Q Most business continuity tests should:

A. Be conducted at the same time as normal business operations.
B. Address all system components.
C. Evaluate the performance of personnel.
D. Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

A. Review all subscriber contracts with the hot-site vendors
B. Observe an actual disaster at the hot-site vendor
C. Request a copy of the actual external audit report
D. Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

A. Heat, humidity and air conditioning equipment
B. CPU and other computer equipment
C. Electrical power connections
D. Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
B. A site in which space is reserved with pre-installed wiring and raised
floors.
C. A site with raised flooring, air conditioning, telecommunications and
networking equipment, and UPS.
D. A site with ready-made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT SITE as a backup
alternative is:

A. The costs associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 25

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 26

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready-made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster:

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 27

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 28

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure offsite
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 29

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 30

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 37

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A. Roles and responsibilities of DRP team members
B. Critical areas of threats and vulnerabilities
C. Functional user operations
D. Conducting risk or impact analysis

C. Functional user operations

Q An organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A. Follow a bottom-up approach
B. Call other companies in the same industry
C. Call a commercial backup service provider
D. Follow a top-down approach

D. Follow a top-down approach

Q The BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A. Top-down approach
B. Bottom-up approach
C. Combination of top-down and bottom-up approaches
D. Consultant directed approach

C. Combination of top-down and bottom-up approaches

Q To develop a successful business continuity plan, end
user involvement is critical during which of the
following phases:

A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis (BIA)
D. Testing and maintenance

C. Business impact analysis (BIA)

Q Which of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A. Network failure
B. Hardware failure
C. Software failure
D. Failure of the local telephone company

D. Failure of the local telephone company

Q Which of the following can be called “the disaster
recovery plan of the LAST resort”?

A. A contract with a recovery center
B. A demonstration of the recovery center’s capabilities
C. A tour of the recovery center
D. An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA),
what is the next step in the business continuity
planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor
found that, although all departments were housed in the same
building, each department had a separate business continuity
plan. The IS auditor recommended that the business continuity
plans be reconciled. Which of the following areas should be
reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storages
D. Call tree.

A. Evacuation plan

Q An IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the
organization

B. regularly reviewed and updated
Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements: negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one?
A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 38

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 39

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A. Develop a recovery strategy
B. Perform a business impact analysis (BIA)
C. Map software systems, hardware and network components
D. Appoint recovery teams with defined personnel, roles and hierarchy

B. Perform a business impact analysis (BIA)

Q After completing the business impact analysis (BIA),
what is the next step in the business continuity
planning (BCP) process?

A. Test and maintain the plan
B. Develop a specific plan
C. Develop recovery strategies
D. Implement the plan

C. Develop recovery strategies

Q During an audit of a business continuity plan, an IS auditor
found that, although all departments were housed in the same
building, each department had a separate business continuity
plan. The IS auditor recommended that the business continuity
plans be reconciled. Which of the following areas should be
reconciled FIRST?

A. Evacuation plan
B. Recovery priorities
C. Backup storages
D. Call tree

A. Evacuation plan

Q An IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different

A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the
organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements (negotiate with other similar
organizations to back each other up)
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one?
A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company’s own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 40

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 41

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor reviewing an organization's information systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head in the organization

B. regularly reviewed and updated

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During a disaster, which of the following application systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire has swept through the premises of an organization's computer room. The company has lost its entire computer system. The BEST thing the organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facility

D. Take daily backups to an off-site storage facility

Q Which of the following rationales is NOT a sound one? A DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The MOST effective way to ascertain the hot-site vendor's integrity in practices and priorities in the resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A "cold-site" computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current.
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT SITE as a backup alternative is:

A. The cost associated with "hot sites" is low
B. That "hot sites" can be used for an extended amount of time
C. That "hot sites" can be made ready for operation within a short span of time
D. That "hot sites" do not require that equipment and systems software be compatible with the primary installations being backed up

C. That "hot sites" can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be included in a comprehensive test of disaster recovery procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application systems and data is regular backup and secure off-site storage. Which of the following decisions is LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made during the development of a disaster recovery and contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an organization to provide immediate, reliable and clear information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low
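The backup questions above (off-site storage of transaction and master files, backup of compiled object programs, media backups performed on a timely basis and stored off-site, how often backups are performed and transported, and data mirroring where the RPO is low) all test one control: the achieved backup-and-transport cadence must stay within the RPO the BIA assigned to each system, and every copy needed for recovery must actually be off-site. The following is an added example, not from the slides, of how an auditor or engineer could test that control from a backup catalog; the system names, BIA table, catalog records and audit date are all constructed for illustration.

```python
# Added example (not from the slides): test the "timely backups, stored off-site"
# control against BIA recovery objectives. All systems, dates and the catalog
# below are constructed for illustration.
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass(frozen=True)
class BiaEntry:
    system: str
    priority: int        # recovery order set by business management, 1 = first
    rpo: timedelta       # maximum tolerable data loss


@dataclass(frozen=True)
class BackupRecord:
    system: str
    kind: str                     # "transaction", "master" or "program"
    taken: datetime
    offsite: Optional[datetime]   # arrival at the vault; None = never left the building


DATA_KINDS = ("transaction", "master")
REQUIRED_KINDS = DATA_KINDS + ("program",)   # object programs are needed to restore, too


def worst_case_data_loss(records, now):
    """Longest window in which a site-wide loss would destroy everything written
    since the previous off-site copy: the largest gap between successive off-site
    arrivals, including the open gap from the latest arrival until now."""
    arrivals = sorted(r.offsite for r in records if r.offsite is not None)
    if not arrivals:
        return None
    gaps = [later - earlier for earlier, later in zip(arrivals, arrivals[1:])]
    gaps.append(now - arrivals[-1])
    return max(gaps)


def audit_backups(bia, catalog, now):
    """Return {system: [finding, ...]}, ordered by business recovery priority."""
    findings = {}
    for entry in sorted(bia, key=lambda e: e.priority):
        recs = [r for r in catalog if r.system == entry.system]
        issues = []
        # 1. Every required kind must exist off-site; on-site-only copies burn with the room.
        kinds_offsite = {r.kind for r in recs if r.offsite is not None}
        for kind in REQUIRED_KINDS:
            if kind not in kinds_offsite:
                issues.append(f"no off-site {kind} copy")
        # 2. For data files, the achieved cadence (backup interval + transport lag) must fit the RPO.
        for kind in DATA_KINDS:
            loss = worst_case_data_loss([r for r in recs if r.kind == kind], now)
            if loss is not None and loss > entry.rpo:
                issues.append(f"{kind}: worst-case data loss {loss} exceeds RPO {entry.rpo}")
        # 3. Copies taken but never transported show the transport step has stalled.
        stranded = [r for r in recs if r.offsite is None and now - r.taken > entry.rpo]
        if stranded:
            issues.append(f"{len(stranded)} on-site-only copies older than the RPO")
        findings[entry.system] = issues
    return findings


NOW = datetime(2024, 3, 4, 9, 0)   # constructed audit date

BIA = [   # constructed BIA: priority and RPO as set by business management
    BiaEntry("claims_processing", 1, timedelta(hours=1)),
    BiaEntry("general_ledger", 2, timedelta(hours=24)),
    BiaEntry("fixed_assets", 3, timedelta(days=7)),
]


def _rec(system, kind, taken, offsite):
    return BackupRecord(system, kind, datetime.fromisoformat(taken),
                        datetime.fromisoformat(offsite) if offsite else None)


CATALOG = [   # constructed backup catalog
    # claims: five-hourly tape cycle plus one hour to the vault cannot meet a 1 h RPO
    _rec("claims_processing", "transaction", "2024-03-03T18:00", "2024-03-03T19:00"),
    _rec("claims_processing", "transaction", "2024-03-03T23:00", "2024-03-04T00:00"),
    _rec("claims_processing", "transaction", "2024-03-04T04:00", "2024-03-04T05:00"),
    _rec("claims_processing", "master", "2024-03-03T18:00", "2024-03-03T19:00"),
    _rec("claims_processing", "program", "2024-03-01T12:00", "2024-03-01T13:00"),
    # general ledger: nightly cycle meets its RPO, but the program backup never shipped
    _rec("general_ledger", "transaction", "2024-03-02T18:00", "2024-03-02T20:00"),
    _rec("general_ledger", "transaction", "2024-03-03T18:00", "2024-03-03T20:00"),
    _rec("general_ledger", "master", "2024-03-02T18:00", "2024-03-02T20:00"),
    _rec("general_ledger", "master", "2024-03-03T18:00", "2024-03-03T20:00"),
    _rec("general_ledger", "program", "2024-03-01T18:00", None),
    # fixed assets: weekly cycle, everything within a 7-day RPO
    _rec("fixed_assets", "transaction", "2024-03-03T18:00", "2024-03-03T20:00"),
    _rec("fixed_assets", "master", "2024-02-27T18:00", "2024-02-27T20:00"),
    _rec("fixed_assets", "program", "2024-02-27T18:00", "2024-02-27T20:00"),
]

if __name__ == "__main__":
    for system, issues in audit_backups(BIA, CATALOG, NOW).items():
        print(system, "->", issues or ["ok"])
```

The report comes out in the business-defined recovery order, so it doubles as the priority list the DRP should recover against. The claims finding is the practical meaning of the mirroring question: when the RPO is shorter than any tape-and-courier cycle can achieve, the only strategy that satisfies the BIA is continuous replication to the alternate site, not more frequent backups.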

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor's recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 42

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which

of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A.
B.
C.
D.

Invite client participation
Involve all technical staff
Rotate recovery managers
Install locally stored backups

C. Rotate recovery managers

Q The

MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A.
B.
C.
D.

Ensure the integrity of the data in the database
Eliminate the need to develop detailed contingency plans
Ensure the continued compatibility of the contingency facilities
Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses

can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The

primary contingency strategy for application
systems and data is regular backup and secure offsite storage. Which of the following decisions is
LEAST important to address?

A.
B.
C.
D.

How often the backup is performed
How often the backup is stored off-site
How often the backup is used
How often the backup is transported

C. How often the backup is used

Q Which

of the following is LEAST expensive in terms
of providing backup computer facilities?

A.
B.
C.
D.

Mutual agreements
Shared facilities
Service bureaus
Companies own duplicate facilities

A. Mutual agreements

Q Which

of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center
C. All the less critical jobs need not be recovered

Q Identify

the item THAT demonstrate the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster?

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

QA

hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. recovery point objective(RPO) is high
C. recovery time objective(RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In

which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy:

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A.
B.
C.
D.

An auditor’s recommendation
The nature of data processing
Budget allowances
Management opinion

B. The nature of data processing

Q Which

of the following statements about backups is

true?

A.
B.
C.
D.

Backups are most important for mainframe computers
Lack of procedures is not a problem for conducting backups
Backups provide for continuity of operations
The types of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 43

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

Q Which of the following is NOT true? A “cold-site”
computer facility includes:

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.

A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A. A hot site is contracted for and available as needed
B. A business continuity manual is available and current
C. Insurance coverage is adequate and premiums are current
D. Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which of the following business recovery strategies
would require the LEAST expenditure of funds?

A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement

D. Reciprocal agreement

Q An advantage of the use of a HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” is low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation within a short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up

C. That “hot sites” can be made ready for operation within a short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. Company’s own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item THAT demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster:

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS


Slide 45

Q Organizations

practice contingency plans because it
makes good business sense. Which of the following
is the CORRECT sequence of steps involved in the
contingency planning process?

1
2
3
4
(a)
(b)
(c)
(d)

Anticipating potential disasters
Identifying critical functions
Selecting contingency plan strategies
Identifying the resources that support critical functions
1, 2, 3, 4
1, 3, 2, 4
2, 1, 4, 3
2, 4, 1, 3

D. 2, 4, 1, 3

Q What is the inherent limitations of a disaster recovery
planning exercise?

(a) Inability to include all types of disasters
(b) Assembling disaster management and recovery teams
(c) Developing early warning monitors that will trigger alerts
and response
(d) Conducting periodic drills

A. Inability to include all types of disasters

Q Who

would be primarily responsible for establishing
organization-wide contingency plan?

(a) Chief information officer
(b) Disaster recovery manager
(c) The board of directors
(d) Audit director

C. The board of directors

Q Disaster

recovery plan protect against WHICH of the
following?

(a) Physical losses
(b) Economic losses
(c) Equipment losses
(d) Inventory losses

B. Economic losses

Q When senior management support for a DRP project
has been obtained and resources have been
authorized for the development of a disaster recovery
document, the individuals who will do the actual
writing of the plan should be selected on the basis of
their:
(a) Technical knowledge of IS operating systems, databases
and telecommunications
(b) Consulting background with hardware and software
vendors
(c) Consulting experience with clients or customers in the
same industry
(d) Broad perspective of the organization and ability to
D. Broad perspective of the organization and ability to recognize
recognize all the possible consequences of a disaster
all the possible consequences of a disaster

Q Emergency actions are taken at the incipient stage of
a disaster with the objectives of preventing injuries or
loss of life and of

(a)
determining the extent of property damage
(b) protecting evidence
(c) preventing looting and further damage
(d) mitigating the damage to avoid the need for recovery

D. mitigating the damage to avoid the need for recovery

organization’s disaster recovery plan SHOULD
address early recovery of:

Q An

A.
B.
C.
D.

All information system processes
All financial processing applications
Only those applications designated by the IS Manager
Processing in priority order, as defined by business management

D. Processing in priority order, as defined by business management

Q Disaster recovery planning for a company’s computer
system usually focuses on:

A.
B.
C.
D.

Operations turnover procedures
Strategic long range planning
The probability that a disaster will occur
Alternative procedures to process transactions

D. Alternative procedures to process transactions

Q Which

of the following steps would an IS auditor
normally perform FIRST in a security review?

A.
B.
C.
D.

Evaluate physical access test results
Determine the risks/threats to the data center site
Review business continuity procedures
Test for evidence of physical access at suspect locations

B. Determine the risks/threats to the data center site

Q What

is the single MAJOR item that is often ignored
during the development of a disaster recovery plan
for an organization?

A.
B.
C.
D.

Roles and responsibilities of DRP team members
Critical areas of threats and vulnerabilities
Functional user operations
Conducting risk or impact analysis

C. Functional user operations

Q An

organization is contemplating developing a
computer related disaster recovery plan for the first
time. The BEST practice would be to:

A.
B.
C.
D.

Follow a bottom up approach
Call other companies in the same industry
Call a commercial backup service provide
Follow a top-down approach

D. Follow a top-down approach

Q The

BEST approach to maintaining a contingency
plan in order to recover from computer related
disaster would be to use a:

A.
B.
C.
D.

Top-down approach
Bottom up approach
Combination of top-down and bottom up approaches
Consultant directed approach

C. Combination of top-down and bottom up approaches

Q To develop a successful business continuity plan,end
user involvement is critical during which of the
following phases:

A.
B.
C.
D.

Business recovery strategy
Detailed plan development
Business impact analysis (BIA)
Testing and maintenance

C. Business impact analysis(BIA)

Q Which

of the following disaster scenarios is NOT
commonly considered during the development of
disaster recovery and contingency planning?

A.
B.
C.
D.

Network failure
Hardware failure
Software failure
Failure of the local telephone company

D. Failure of the local telephone company

of the following can be called “the disaster
recovery plan of the LAST resort”?

Q Which

A.
B.
C.
D.

A contract with a recovery center
A demonstration of the recovery center’s capabilities
A tour of the recovery center
An insurance policy

D. An insurance policy

Q Which

of the following tasks should be performed
FIRST when preparing a Disaster Recovery Plan?

A.
B.
C.
D.

Develop a recovery strategy
Perform a business impact analysis(BIA)
Map software systems,hardware and network components
Appoint recovery teams with defined personnel,roles and hierarchy.

B. Perform a business impact analysis (BIA)

Q After

completing
the
business
impact
analysis(BIA),what is the next step in the business
continuity planning (BCP) process?

A.
B.
C.
D.

Test and maintain the plan
Develop a specific plan
Develop recovery strategies
Implement the plan.

C. Develop recovery strategies

Q During an audit of a business continuity plan,an IS auditor
found that,although all departments were housed in the same
building,each department had a separate business continuity
plan.The IS auditor recommended that the business continuity
plans be reconciled.Which of the following areas should be
reconciled FIRST?

A.
B.
C.
D.

Evacuation plan
Recovery priorities
Backup storages
Call tree.

A. Evacuation plan

Q An

IS auditor performing a review of the back-up
processing facilities would be MOST concerned that:

(a) adequate fire insurance exists
(b) regular hardware maintenance is performed
(c) off-site storage of transaction and master files exists
(d) backup processing facilities are fully tested

C. off-site storage of transaction and master files exists

Q Which of the following represents the GREATEST risk
created by a reciprocal agreement for disaster
recovery made between two companies?

(a) Developments may result in hardware and software
incompatibility
(b) Resources may not be available when needed
(c) The recovery plan cannot be tested
(d) The security infrastructure in each company may be
different
A. Developments may result in hardware and software incompatibility

Q Which of the following is MOST important to have in a
disaster recovery plan?

(a) Backup of compiled object programs
(b) Reciprocal processing agreement
(c) Phone contact list
(d) Supply of special forms

A. Backup of compiled object programs

Q An IS auditor

reviewing an organization's information
systems DRP should verify that it is:

(a) tested every 6 months
(b) regularly reviewed and updated
(c) approved by the Chief Executive Officer (CEO)
(d) communicated to every department head
organization

B. regularly reviewed and updated

in

the

Q The LEAST critical factor in estimating the maximum
tolerable downtime during a disaster is:

(a) Availability of a cold site during the disaster
(b) Time of the disaster
(c) Applications affected by the disaster
(d) Length of the disaster

A. Availability of a cold site during the disaster

Q During

a disaster, which of the following application
systems should be recovered FIRST?

(a) General ledger system
(b) Supplies tracking system
(c) Fixed asset system
(d) Claims processing system

D. Claims processing system

Q Fire

has swept through the premises of an
organization’s computer room. The company has lost
its entire computer system. The BEST thing the
organization could have done is to:

(a) Plan for cold site arrangements
(b) Plan for mutual agreements-negotiate with other similar
organizations to back each other
(c) Plan for warm site arrangements since everything was
ready to go
(d) Take daily backups to an off-site storage facilities
D. Take daily backups to an off-site storage facilities

Q Which of the following rationale is NOT a sound one?
DRP should be tested:

(a) By simulation
(b) In stages
(c) In an unannounced manner
(d) In actual use

D. In actual use

Q Most business continuity tests should:

(a) Be conducted at the same time as normal business
operations.
(b) Address all system components.
(c) Evaluate the performance of personnel.
(d) Be monitored by the IS Auditor.

C. Evaluate the performance of personnel.

Q The

MOST effective way to ascertain the hot-site
vendor’s integrity in practices and priorities in the
resource sharing area is to:

(a) Review all subscriber contracts with the hot-site vendors
(b) Observe an actual disaster at the hot-site vendor
(c) Request a copy of the actual external audit report
(d) Request the hot-site vendor’s compliance in writing

C. Request a copy of the actual external audit report

of the following is NOT true? A “cold-site”
computer facility includes:

Q Which

(a) Heat, humidity and air conditioning equipment
(b) CPU and other computer equipment
(c) Electrical power connections
(d) Telecommunications connections

B. CPU and other computer equipment

Q What is a hot-site facility?

4
(a) A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.
(b) A site in which space is reserved with pre-installed wiring and raised
floors.
(c) A site with raised flooring, air conditioning, telecommunications, and
networking equipment, and UPS.
(d) A site with ready made work space with telecommunications
equipment, LANs, PCs, and terminals for work groups.
A. A site with pre-installed computers, raised flooring, air conditioning,
telecommunications and networking equipment, and UPS.

Q Which of the following would an IS auditor consider to
be MOST important to review when conducting a
business continuity audit?

A.
B.
C.
D.

A hot site is contracted for and available as needed
A business continuity manual is available and current
Insurance coverage is adequate and premiums are current.
Media backups are performed on a timely basis and stored off-site

D. Media backups are performed on a timely basis and stored off-site

Q Which

of the following business recovery strategies
would require the LEAST expenditure of funds?

A.
B.
C.
D.

Warm site facility
Empty shell facility
Hot site subscription
Reciprocal agreement

D. Reciprocal agreement

Q An

advantage of the use of HOT-SITE as a backup
alternative is:

A. The cost associated with “hot sites” are low
B. That “hot sites” can be used for an extended amount of time
C. That “hot sites” can be made ready for operation with in short span
of time
D. That “hot sites” do not require that equipment and systems software
be compatible with the primary installations being backed up
C. That “hot sites” can be made ready for operation with in short span of time

Q Which of the following control concepts SHOULD be
included in a comprehensive test of disaster recovery
procedures?

A. Invite client participation
B. Involve all technical staff
C. Rotate recovery managers
D. Install locally stored backups

C. Rotate recovery managers

Q The MAIN purpose for periodically testing off-site
hardware backup facilities is to:

A. Ensure the integrity of the data in the database
B. Eliminate the need to develop detailed contingency plans
C. Ensure the continued compatibility of the contingency facilities
D. Ensure that program and system documentation remains current

C. Ensure the continued compatibility of the contingency facilities

Q Losses can be minimized MOST effectively by using
outside storage facilities to do which of the following?

A. Include current, critical information in backup files
B. Ensure that current documentation is maintained at the backup
facility
C. Test backup hardware
D. Train personnel in backup procedures

A. Include current, critical information in backup files

Q The primary contingency strategy for application
systems and data is regular backup and secure off-site
storage. Which of the following decisions is
LEAST important to address?

A. How often the backup is performed
B. How often the backup is stored off-site
C. How often the backup is used
D. How often the backup is transported

C. How often the backup is used

Q Which of the following is LEAST expensive in terms
of providing backup computer facilities?

A. Mutual agreements
B. Shared facilities
C. Service bureaus
D. The company's own duplicate facilities

A. Mutual agreements

Q Which of the following is NOT an assumption made
during the development of a disaster recovery and
contingency plan?

A. Testing and maintenance of the contingency plan should be
continual
B. All resources and materials required to restore the processing
capability at the backup recovery site should be obtainable off-site
C. All the less critical jobs need not be recovered
D. In a multi-site environment, a separate set of recovery plans should
be developed for each computer center

C. All the less critical jobs need not be recovered

Q Identify the item that demonstrates the ability of an
organization to provide immediate, reliable and clear
information during different types of disaster.

A. A comprehensive and written disaster recovery plan
B. A written plan with a well-organized table of contents and easy to
follow instructions
C. A written plan that is approved by senior management and auditors
D. Drills and exercises

D. Drills and exercises

Q A hot site should be implemented as a recovery
strategy when the:

A. Disaster tolerance is low
B. Recovery point objective (RPO) is high
C. Recovery time objective (RTO) is high
D. Disaster tolerance is high

A. Disaster tolerance is low

Q In which of the following situations is it MOST
appropriate to implement data mirroring as the
recovery strategy?

A. Disaster tolerance is high
B. Recovery time objective is high
C. Recovery point objective is low
D. Recovery point objective is high

C. Recovery point objective is low

Q There is a debate over how often a disaster recovery
plan should be tested. The frequency of testing
SHOULD depend on:

A. An auditor’s recommendation
B. The nature of data processing
C. Budget allowances
D. Management opinion

B. The nature of data processing

Q Which of the following statements about backups is
true?

A. Backups are most important for mainframe computers
B. Lack of procedures is not a problem for conducting backups
C. Backups provide for continuity of operations
D. The type of data transfer does not matter for timely backups

C. Backups provide for continuity of operations

THANKS

