Which of the following would be the LEAST important aspect
of a business continuity plan?
A. Redundant facilities
B. Relocation procedures
C. Adequate insurance coverage
D. Current and available business continuity manual
- 1 Answers
- 4099 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Maintaining adequate insurance coverage is important to the
overall financial recovery of the organization, but it is
not as important as providing facilities for processing
recovery. The underlying purpose of business continuity
planning is the resumption of business operations. As such,
business recovery plans include procedures developed to
accommodate systems, user and network recovery strategies.
| Is This Answer Correct ? | 8 Yes | 0 No |
Which of the following is an implementation risk within the process of decision support systems? A. Management control B. Semistructured dimensions C. Inability to specify purpose and usage patterns D. Changes in decision processes
Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation? A. Multiple cycles of backup files remain available. B. Access controls establish accountability for e-mail activity. C. Data classification regulates what information should be communicated via e-mail. D. Within the enterprise, a clear policy for using e-mail ensures that evidence is available.
Which of the following is an example of a passive attack, initiated through the Internet? A. Traffic analysis B. Masquerading C. Denial of service D. E-mail spoofing
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
Which of the following sampling methods is MOST useful when testing for compliance? A. Attribute sampling B. Variable sampling C. Stratified mean per unit D. Difference estimation
An offsite information processing facility having electrical wiring, air conditioning and flooring, but no computer or communications equipment is a: A. cold site. B. warm site. C. dial-up site. D. duplicate processing facility.
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that: A. Maximum unauthorized access would be possible if a password is disclosed. B. User access rights would be restricted by the additional security parameters. C. The security administrator?s workload would increase. D. User access rights would be increased.
In a TCP/IP-based network, an IP address specifies a: A. network connection. B. router/gateway. C. computer in the network. D. device on the network.
When an employee is terminated from service, the MOST important action is to: A. hand over all of the employee's files to another designated employee. B. take a back up of the employee's work. C. notify other employees of the termination. D. disable the employee's logical access.
Which of the following findings would an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? A. There are three individuals with a key to enter the area. B. Paper documents also are stored in the offsite vault. C. Data files, which are stored in the vault, are synchronized. D. The offsite vault is located in a separate facility.
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
Compensating controls are intended to: A. reduce the risk of an existing or potential control weakness. B. predict potential problems before they occur. C. remedy problems discovered by detective controls. D. report errors or omissions.
Cisco Certifications 
