A large chain of shops with EFT at point-of-sale devices has
a central communications processor for connecting to the
banking network. Which of the following is the BEST disaster
recovery plan for the communications processor?
A. Offsite storage of daily backups
B. Alternative standby processor onsite
C. Installation of duplex communication links
D. Alternative standby processor at another network node
- 1 Answers
- 3247 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Having an alternative standby processor at another network
node would be the best. The unavailability of the central
communications processor would disrupt all access to the
banking network resulting in the disruption of operations
for all of the shops. This could be caused by failure of
equipment, power or communications. Offsite storage of
backups would not help since EFT tends to be an online
process and offsite storage will not replace the
dysfunctional processor. The provision of an alternate
processor onsite would be fine if it were an equipment
problem, but would not help if the outage were caused by
power, for example. Installation of duplex communication
links would be most appropriate if it were only the
communication link that failed.
| Is This Answer Correct ? | 1 Yes | 0 No |
While planning an audit, an assessment of risk should be made to provide: A. reasonable assurance that the audit will cover material items. B. definite assurance that material items will be covered during the audit work. C. reasonable assurance that all items will be covered by the audit. D. sufficient assurance that all items will be covered during the audit work.
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in.TCP services.
Which of the following is the MOST effective technique for providing security during data transmission? A. Communication log B. Systems software log C. Encryption D. Standard protocol
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
An organization is introducing a single sign-on (SSO) system. Under the SSO system, users will be required to enter only one user ID and password for access to all application systems. Under the SSO system, unauthorized access: A. is less likely. B. is more likely. C. will have a greater impact. D. will have a smaller impact.
The database administrator has recently informed you of the decision to disable certain normalization controls in the database management system (DBMS) software to provide users with increased query performance. This will MOST likely increase the risk of: A. loss of audit trails. B. redundancy of data. C. loss of data integrity. D. unauthorized access to data.
During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used in the establishment of its commercial relations. To substantiate this, the IS auditor must prove that which of the following is used? A. A biometric, digitalized and encrypted parameter with the customer's public key B. A hash of the data that is transmitted and encrypted with the customer's private key C. A hash of the data that is transmitted and encrypted with the customer's public key D. The customer's scanned signature, encrypted with the customer's public key
As a result of a business process reengineering (BPR) project: A. an IS auditor would be concerned with the key controls that existed in the prior business process and not those in the new process. B. system processes are automated in such a way that there are more manual interventions and manual controls. C. the newly designed business processes usually do not involve changes in the way(s) of doing business. D. advantages usually are realized when the reengineering process appropriately suits the business and risk.
When assessing the portability of a database application, the IS auditor should verify that: A. a structured query language (SQL) is used. B. information import and export procedures with other systems exist. C. indexes are used. D. all entities have a significant name and identified primary and foreign keys.
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
An IS auditor should be able to identify and evaluate various types of risks and their potential effects. Which of the following risks is associated with authorized program exits (trap doors)? A. Inherent B. Detection C. Audit D. Error
Cisco Certifications 
