While reviewing the business continuity plan of an
organization, the IS auditor observed that the
organization's data and software files are backed up on a
periodic basis. Which characteristic of an effective plan
does this demonstrate?
A. Deterrence
B. Mitigation
C. Recovery
D. Response
- 1 Answers
- 3396 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
An effective business continuity plan includes steps to
mitigate the effects of a disaster. Files must be restored
on a timely basis for a backup plan to be effective. An
example of deterrence is when a plan includes installation
of firewalls for information systems. An example of recovery
is when a plan includes an organization's hot site to
restore normal business operations.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following techniques would provide the BEST assurance that the estimate of program development effort is reliable? A. Function point analysis B. Estimates by business area C. A computer-based project schedule D. An estimate by experienced programmer
A programmer included a routine into a payroll application to search for his/her own payroll number. As a result, if this payroll number does not appear during the payroll run, a routine will generate and place random numbers onto every paycheck. This routine is known as: A. scavenging. B. data leakage. C. piggybacking. D. a trojan horse.
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
The PRIMARY benefit of database normalization is the: A. minimization redundancy of information in tables required to satisfy users? needs. B. ability to satisfy more queries. C. maximization of database integrity by providing information in more than one table. D. minimization of response time through faster processing of information.
Which of the following MUST exist to ensure the viability of a duplicate information processing facility? A. The site is near the primary site to ensure quick and efficient recovery. B. The site contains the most advanced hardware available. C. The workload of the primary site is monitored to ensure adequate backup is available. D. The hardware is tested when it is installed to ensure it is working properly.
When reviewing a system development project an IS auditor would be PRIMARILY concerned with whether: A. business objectives are achieved. B. security and control procedures are adequate. C. the system utilizes the strategic technical infrastructure. D. development will comply with the approved quality management processes
Which of the following is the MOST critical and contributes the MOST to the quality of data in a data warehouse? A. Accuracy of the source data B. Credibility of the data source C. Accuracy of the extraction process D. Accuracy of the data transformation
Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data? A. Inheritance B. Dynamic warehousing C. Encapsulation D. Polymorphism
A network diagnostic tool that monitors and records network information is a/an: A. online monitor. B. downtime report. C. help desk report. D. protocol analyzer.
Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them? A. Overwriting the tapes B. Initializing the tape labels C. Degaussing the tapes D. Erasing the tapes
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
Which of the following sampling methods is MOST useful when testing for compliance? A. Attribute sampling B. Variable sampling C. Stratified mean per unit D. Difference estimation
Cisco Certifications 
