Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following issues should be included in the
business continuity plan?
A. The staff required to maintain critical business
functions in the short, medium and long term
B. The potential for a natural disaster to occur, such as an
earthquake
C. Disastrous events impacting information systems
processing and end-user functions
D. A risk analysis that considers systems malfunctions,
accidental file deletions or other failures
- 1 Answers
- 5410 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Where a unified business continuity plan does not exist, the
plan for information systems processing should be extended
to include planning for all units that are dependent upon
information systems processing functions. But, when
formulating a thorough business continuity plan, a very
important issue to be considered is the staff that will be
required to maintain critical business functions over time,
until the organization is fully operational again. Another
important issue is the configuration of the business
facilities, e.g., desks, chairs, telephones, etc., that will
be needed to maintain critical business functions in the
short, medium and long term. Choice B is incorrect because
it has to do with what a good business continuity plan will
take into account in case of disastrous events happening.
This could be considered as a subset of a business
continuity plan, but it does not have the same impact as the
staff required and trained to perform in the event of a
natural disaster. Choice C is incorrect because, like in the
natural disaster case, this could be considered a subset of
a business continuity plan, but it does not have the same
impact as the staff required and trained to perform in the
event of a disaster that would impact information systems
processing and end-user functions. Choice A would be the
subject and choices B and C would be the cause to deploy the
business continuity plan. Choice D is incorrect because it
deals with disruptions in service having their roots in
systems malfunctions; but again, this would be another
aspect dealt with in the business continuity plan, but not a
main issue included in it.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
The PRIMARY objective of a business continuity and disaster recovery plan should be to: A. safeguard critical IS assets. B. provide for continuity of operations. C. minimize the loss to an organization. D. protect human life.
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
Which of the following is the MOST important criterion for the selection of a location for an offsite storage facility for IS backup files? The offsite facility must be: A. physically separated from the data center and not subject to the same risks. B. given the same level of protection as that of the computer data center. C. outsourced to a reliable third party. D. equipped with surveillance capabilities.
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.
A primary function of risk management is the identification of cost-effective controls. In selecting appropriate controls, which of the following methods is best to study the effectiveness of adding various safeguards in reducing vulnerabilities? A. "What if" analysis B. Traditional cost/benefit analysis C. Screening analysis D. A "back-of-the-envelope" analysis
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
Cisco Certifications 
