Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following represents the GREATEST risk created
by a reciprocal agreement for disaster recovery made between
two companies?
A. Developments may result in hardware and software
incompatibility.
B. Resources may not be available when needed.
C. The recovery plan cannot be tested.
D. The security infrastructures in each company may be
different.
- 1 Answers
- 10688 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
If one organization updates its hardware and software
configuration, it may mean that it is no longer compatible
with the systems of the other party in the agreement. This
may mean that each company is unable to use the facilities
at the other company to recover their processing following a
disaster. Resources being unavailable when needed are an
intrinsic risk in any reciprocal agreement, but this is a
contractual matter and is not the greatest risk. The plan
can be tested by paper-based walk-throughs and, possibly, by
agreement between the companies. The difference in security
infrastructures, while a risk, is not insurmountable.
| Is This Answer Correct ? | 5 Yes | 1 No |
To review access to ceratin data base to determine whether the "new user" forms were correctly authorized. This is an example of:
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
Which of the following components is responsible for the collection of data in an intrusion detection system (IDS)? A. Analyzer B. Administration console C. User interface D. Sensor
An IS auditor is auditing the controls relating to employee termination. Which of the following is the MOST important aspect to be reviewed? A. The related company staff are notified about the termination B. User ID and passwords of the employee have been deleted C. The details of employee have been removed from active payroll files D. Company property provided to the employee has been returned
The BEST defense against network eavesdropping is: A. encryption. B. moving the defense perimeter outward. C. reducing the amplitude of the communication signal. D. masking the signal with noise.
During an audit, an IS auditor learns that lengthy and complex passwords are required to reach the network via modem. These passwords were established by an outside provider. The communications software allows users to select a ?remember password? option. What should the IS auditor's PRIMARY recommendation be? A. Disable the save password option and have users record them elsewhere. B. Request that the provider change the dial-in password to a group password. C. Establish and enforce a process to have users change their passwords. D. Allow users to change their passwords to something less complex.
Linux is an __________ operating system
With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
A company disposing of personal computers that once were used to store confidential data should first: A. demagnetize the hard disk. B. low-level format the hard disk. C. delete all data contained on the hard disk. D. defragment the data contained on the hard disk.
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
Cisco Certifications 
