During the review of an organization's disaster recovery and
business continuity plan, the IS auditor found that a paper
test was performed to verify the existence of all necessary
procedures and actions within the recovery plan. This is a:
A. preparedness test.
B. module test.
C. full test.
D. walk-through test.
- 1 Answers
- 3724 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
A walk-through test is an exercise, to verify the existence
of all necessary procedures and actions specified within the
recovery plan. A preparedness test is the smallest set
(component) of instructions within the recovery plan that
enables specific processes to be performed. A module is a
combination of components. The full test verifies that each
component within every module is workable and satisfies the
strategy and recovery time objective requirement detailed in
the recovery plan.
| Is This Answer Correct ? | 5 Yes | 1 No |
An IS auditor is reviewing a project that is using an agile software development approach. Which of the following should the IS auditor expect to find? A. Use of a capability maturity model (CMM) B. Regular monitoring of task-level progress against schedule C. Extensive use of software development tools to maximize team productivity D. Postiteration reviews that identify lessons learned for future use in the project
A data administrator is responsible for: A. maintaining database system software. B. defining data elements, data names and their relationship. C. developing physical database structures. D. developing data dictionary system software.
The potential for unauthorized system access by way of terminals or workstations within an organization's facility is increased when: A. connecting points are available in the facility to connect laptops to the network. B. users take precautions to keep their passwords confidential. C. terminals with password protection are located in unsecured locations. D. terminals are located within the facility in small clusters under the supervision of an administrator.
Which of the following are data file controls? A. Internal and external labeling B. Limit check and logical relationship checks C. Total items and hash totals D. Report distribution procedures
The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.
A sequence of bits appended to a digital document that is used to secure an e-mail sent through the Internet is called a: A. digest signature. B. electronic signature. C. digital signature. D. hash signature.
Which of the following is a data validation edit and control? A. Hash totals B. Reasonableness checks C. Online access controls D. Before and after image reporting
Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.
When assessing the portability of a database application, the IS auditor should verify that: A. a structured query language (SQL) is used. B. information import and export procedures with other systems exist. C. indexes are used. D. all entities have a significant name and identified primary and foreign keys.
IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.
Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Cisco Certifications 
