Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is a practice that should be
incorporated into the plan for testing disaster recovery
procedures?
A. Invite client participation.
B. Involve all technical staff.
C. Rotate recovery managers.
D. Install locally stored backup.
- 4 Answers
- 8794 Views
- Microsoft, I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
Recovery managers should be rotated to ensure the experience
of the recovery plan is spread. Clients may be involved but
not necessarily in every case. Not all technical staff
should be involved in each test. Remote or offsite backup
should always be used.
| Is This Answer Correct ? | 10 Yes | 0 No |
Answer / andreas
Answer: C
Recovery managers should be rotated in order to get the
experience required in all aspects of recovery. Not all
technical staff is needed, nor install locally stored
backup is an action of testing DR.
Referencen CISA Review Manual 2007
| Is This Answer Correct ? | 3 Yes | 0 No |
Answer / venki
D Install locally stored backup
Retrieve the backup data and install it in the local drive
so as to verify that the data is correct.
There is no need for client participation, nor require all
tech. staff and recovery managers. SQA can do this work at
regular intervals and can verify the locally stored backup
for its correctness.
| Is This Answer Correct ? | 0 Yes | 5 No |
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:
Which of the following normally would be the MOST reliable evidence for an auditor? A. A confirmation letter received from a third party verifying an account balance B. Assurance from line management that an application is working as designed C. Trend data obtained from World Wide Web (Internet) sources D. Ratio analysis developed by the IS auditor from reports supplied by line management
Which of the following are data file controls? A. Internal and external labeling B. Limit check and logical relationship checks C. Total items and hash totals D. Report distribution procedures
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
When an employee is terminated from service, the MOST important action is to: A. hand over all of the employee's files to another designated employee. B. take a back up of the employee's work. C. notify other employees of the termination. D. disable the employee's logical access.
A primary function of risk management is the identification of cost-effective controls. In selecting appropriate controls, which of the following methods is best to study the effectiveness of adding various safeguards in reducing vulnerabilities? A. "What if" analysis B. Traditional cost/benefit analysis C. Screening analysis D. A "back-of-the-envelope" analysis
Which of the following would be a MAJOR disadvantage of using prototyping as a systems development methodology? A. User expectations of project timescales may be overly optimistic. B. Effective change control and management is impossible to implement. C. User participation in day-to-day project management may be too extensive. D. Users usually are not sufficiently knowledgeable to assist in system development.
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
Cisco Certifications 
