Which of the following issues should be included in the
business continuity plan?
A. The staff required to maintain critical business
functions in the short, medium and long term
B. The potential for a natural disaster to occur, such as an
earthquake
C. Disastrous events impacting information systems
processing and end-user functions
D. A risk analysis that considers systems malfunctions,
accidental file deletions or other failures
- 1 Answers
- 4591 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Where a unified business continuity plan does not exist, the
plan for information systems processing should be extended
to include planning for all units that are dependent upon
information systems processing functions. But, when
formulating a thorough business continuity plan, a very
important issue to be considered is the staff that will be
required to maintain critical business functions over time,
until the organization is fully operational again. Another
important issue is the configuration of the business
facilities, e.g., desks, chairs, telephones, etc., that will
be needed to maintain critical business functions in the
short, medium and long term. Choice B is incorrect because
it has to do with what a good business continuity plan will
take into account in case of disastrous events happening.
This could be considered as a subset of a business
continuity plan, but it does not have the same impact as the
staff required and trained to perform in the event of a
natural disaster. Choice C is incorrect because, like in the
natural disaster case, this could be considered a subset of
a business continuity plan, but it does not have the same
impact as the staff required and trained to perform in the
event of a disaster that would impact information systems
processing and end-user functions. Choice A would be the
subject and choices B and C would be the cause to deploy the
business continuity plan. Choice D is incorrect because it
deals with disruptions in service having their roots in
systems malfunctions; but again, this would be another
aspect dealt with in the business continuity plan, but not a
main issue included in it.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following steps would an IS auditor normally perform FIRST in a data center security review? A. Evaluate physical access test results. B. Determine the risks/threats to the data center site. C. Review business continuity procedures. D. Test for evidence of physical access at suspect locations.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization?s IS department? A. Developing the business continuity plan B. Selecting and approving the strategy for business continuity plan C. Declaring a disaster D. Restoring the IS systems and data after a disaster
To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application
The MOST important responsibility of a data security officer in an organization is: A. recommending and monitoring data security policies. B. promoting security awareness within the organization. C. establishing procedures for IT security policies. D. administering physical and logical access controls.
Which of the following is a dynamic analysis tool for the purpose of testing software modules? A. Blackbox test B. Desk checking C. Structured walk-through D. Design and code
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? A. The alternate facility will be available until the original information processing facility is restored. B. User management was involved in the identification of critical systems and their associated critical recovery times. C. Copies of the plan are kept at the homes of key decision making personnel. D. Feedback to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
An IS auditor finds that not all employees are aware of the enterprise's information security policy. The IS auditor should conclude that: A. this lack of knowledge may lead to unintentional disclosure of sensitive information. B. information security is not critical to all functions. C. IS audit should provide security training to the employees. D. the audit finding will cause management to provide continuous training to staff.
Cisco Certifications 
