
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 17

The latest ISACA CISA (Certified Information Systems Auditor) practice exam questions and answers (Q&A) are available free of charge and are intended to help you prepare for the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1751

Question

The frequent updating of which of the following is key to the continued effectiveness of a disaster recovery plan (DRP)?

A. Contact information of key personnel
B. Server inventory documentation
C. Individual roles and responsibilities
D. Procedures for declaring a disaster

Answer

A. Contact information of key personnel

Explanation

In the event of a disaster, it is important to have a current, updated list of the personnel who are key to executing the plan. Choices B, C and D are more likely to remain stable over time.

CISA Question 1752

Question

Which of the following issues should be the GREATEST concern to the IS auditor when reviewing an IT disaster recovery test?

A. Due to the limited test time window, only the most essential systems were tested. The other systems were tested separately during the rest of the year.
B. During the test it was noticed that some of the backup systems were defective or not working, causing the test of these systems to fail.
C. The procedures to shut down and secure the original production site before starting the backup site required far more time than planned.
D. Every year, the same employees perform the test. The recovery plan documents are not used since every step is well known by all participants.

Answer

D. Every year, the same employees perform the test. The recovery plan documents are not used since every step is well known by all participants.

Explanation

A disaster recovery test should exercise the plan, the processes, the people and the IT systems. If the plan documents are not used during the test, their accuracy and adequacy cannot be verified. Disaster recovery must also not depend on a fixed group of key staff, since a disaster can occur when they are unavailable.

It is common that not all systems can be tested within a limited test window; what matters is that the systems essential to the business are tested and that the remaining systems are tested at some point during the year (choice A). One aim of the test is to identify and replace defective devices so that all systems can be recovered in a real disaster; choice B would only be a concern if the number of defects found were systematically very high. Choice C is not a concern because in a real disaster there is no need for a clean shutdown of the original production environment; the first priority is to bring the backup site up.

CISA Question 1753

Question

An organization has a recovery time objective (RTO) equal to zero and a recovery point objective (RPO) close to 1 minute for a critical system. This implies that the system can tolerate:

A. a data loss of up to 1 minute, but the processing must be continuous.
B. a 1-minute processing interruption but cannot tolerate any data loss.
C. a processing interruption of 1 minute or more.
D. both a data loss and a processing interruption longer than 1 minute.

Answer

A. a data loss of up to 1 minute, but the processing must be continuous.

Explanation

The recovery time objective (RTO) measures an organization's tolerance for downtime, and the recovery point objective (RPO) measures how much data loss it can accept. An RTO of zero means no processing interruption is tolerable, while an RPO close to 1 minute means up to about 1 minute of data may be lost. Choices B, C and D are incorrect because each allows a processing interruption, which exceeds the RTO of zero set by the scenario.

CISA Question 1754

Question

During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site’s server is slow. To find the root cause of this, the IS auditor should FIRST review the:

A. event error log generated at the disaster recovery site.
B. disaster recovery test plan.
C. disaster recovery plan (DRP).
D. configurations and alignment of the primary and disaster recovery sites.

Answer

D. configurations and alignment of the primary and disaster recovery sites.

Explanation

Since a mismatch between the configuration of the primary and disaster recovery systems is the most probable cause of the slow performance, the IS auditor should review that first. If the issue cannot be explained that way, the IS auditor should then review the event error log. The disaster recovery test plan and the disaster recovery plan (DRP) would not contain information about the system configuration.
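The review of "configurations and alignment" in the answer above amounts to a side-by-side comparison of the two sites' settings, with mismatches that affect capacity or performance examined first. The following is an added example of such a drift check; it is not part of the CISA question bank. The two configuration dictionaries, the key names (hardware.cpu_cores, storage.iops and so on) and the list of performance-relevant keys are constructed for illustration and do not follow any vendor's schema.

```python
"""Configuration alignment check between a primary and a DR server (added example).

The configuration trees, key names and the PERFORMANCE_KEYS list below are
constructed for this illustration; they are not taken from any real system.
"""
from dataclasses import dataclass
from typing import Any

# Settings whose mismatch would plausibly explain slow performance at the DR site (assumed list).
PERFORMANCE_KEYS = {
    "hardware.cpu_cores", "hardware.memory_gb", "storage.disk_type", "storage.iops",
    "network.bandwidth_mbps", "database.pool_size", "database.buffer_pool_gb",
}

# Settings that are expected to differ between sites and should not be reported as drift.
IGNORE_KEYS = {"identity.hostname", "identity.ip_address"}

MISSING = "<missing>"


@dataclass(frozen=True)
class Drift:
    key: str
    primary: Any
    dr: Any
    performance_relevant: bool


def flatten(config: dict, prefix: str = "") -> dict:
    """Flatten nested dicts into dotted keys so both trees can be compared key by key."""
    out = {}
    for key, value in config.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            out.update(flatten(value, path + "."))
        else:
            out[path] = value
    return out


def compare_configs(primary: dict, dr: dict) -> list:
    """Return every setting that differs or is missing on one side, performance-relevant ones first."""
    p, d = flatten(primary), flatten(dr)
    drifts = []
    for key in sorted((set(p) | set(d)) - IGNORE_KEYS):
        pv, dv = p.get(key, MISSING), d.get(key, MISSING)
        if pv != dv:
            drifts.append(Drift(key, pv, dv, key in PERFORMANCE_KEYS))
    return sorted(drifts, key=lambda x: (not x.performance_relevant, x.key))


def likely_performance_causes(drifts: list) -> list:
    """The subset of drift an auditor would ask about first when the DR server is slow."""
    return [d for d in drifts if d.performance_relevant]


# Constructed sample configurations for the two sites.
PRIMARY = {
    "identity": {"hostname": "app-prod-01", "ip_address": "10.1.0.10"},
    "hardware": {"cpu_cores": 16, "memory_gb": 64},
    "storage": {"disk_type": "nvme-ssd", "iops": 20000},
    "network": {"bandwidth_mbps": 10000},
    "database": {"pool_size": 200, "buffer_pool_gb": 32, "version": "14.9"},
    "os": {"patch_level": "2024-03"},
    "monitoring": {"agent": "enabled"},
}
DR = {
    "identity": {"hostname": "app-dr-01", "ip_address": "10.9.0.10"},
    "hardware": {"cpu_cores": 8, "memory_gb": 32},
    "storage": {"disk_type": "sata-hdd", "iops": 2000},
    "network": {"bandwidth_mbps": 1000},
    "database": {"pool_size": 200, "buffer_pool_gb": 8, "version": "14.9"},
    "os": {"patch_level": "2024-03"},
}

if __name__ == "__main__":
    for drift in compare_configs(PRIMARY, DR):
        flag = "PERF" if drift.performance_relevant else "    "
        print(f"{flag} {drift.key}: primary={drift.primary!r} dr={drift.dr!r}")
```

Running the script lists the undersized CPU, memory, disk, IOPS, bandwidth and database buffer pool at the DR site ahead of the missing monitoring agent, which is the order in which an auditor would raise them when investigating slow performance. Checking the event log (choice A) only makes sense once drift like this has been ruled out.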

CISA Question 1755

Question

Regarding a disaster recovery plan, the role of an IS auditor should include:

A. identifying critical applications.
B. determining the external service providers involved in a recovery test.
C. observing the tests of the disaster recovery plan.
D. establishing a recovery time objective (RTO).

Answer

C. observing the tests of the disaster recovery plan.

Explanation

The IS auditor should be present when disaster recovery plans are tested, to ensure that the test meets the targets for restoration, and the recovery procedures are effective and efficient. As appropriate, the auditor should provide a report of the test results. All other choices are a responsibility of management.

CISA Question 1756

Question

A lower recovery time objective (RTO) results in:

A. higher disaster tolerance.
B. higher cost.
C. wider interruption windows.
D. more permissive data loss.

Answer

B. higher cost.

Explanation

A recovery time objective (RTO) is based on the acceptable downtime in case of a disruption of operations. The lower the RTO, the higher the cost of the recovery strategies needed to meet it. A lower RTO also means lower disaster tolerance, a narrower interruption window and less permissible data loss, so choices A, C and D describe the opposite of what happens.

CISA Question 1757

Question

When developing a disaster recovery plan, the criteria for determining the acceptable downtime should be the:

A. annualized loss expectancy (ALE).
B. service delivery objective.
C. quantity of orphan data.
D. maximum tolerable outage.

Answer

D. maximum tolerable outage.

Explanation

The recovery time objective is determined based on the acceptable downtime in case of a disruption of operations; it indicates the maximum tolerable outage that an organization considers acceptable before a system or process must resume following a disaster. Choice A is incorrect because the acceptable downtime is not determined by the annualized loss expectancy (ALE). Choices B and C are relevant to business continuity, but they are not the criteria for determining acceptable downtime.

CISA Question 1758

Question

Due to changes in IT, the disaster recovery plan of a large organization has been changed. What is the PRIMARY risk if the new plan is not tested?

A. Catastrophic service interruption
B. High consumption of resources
C. Total cost of the recovery may not be minimized
D. Users and recovery teams may face severe difficulties when activating the plan

Answer

A. Catastrophic service interruption

Explanation

Choices B, C and D are all possible problems that might occur, and would cause difficulties and financial losses or waste of resources. However, if a new disaster recovery plan is not tested, the possibility of a catastrophic service interruption is the most critical of all risks.

CISA Question 1759

Question

If the recovery time objective (RTO) increases:

A. the disaster tolerance increases.
B. the cost of recovery increases.
C. a cold site cannot be used.
D. the data backup frequency increases.

Answer

A. the disaster tolerance increases.

Explanation

The longer the recovery time objective (RTO), the higher the disaster tolerance and the lower the recovery cost. It cannot be concluded from a longer RTO that a cold site is inappropriate or that the frequency of data backup would increase; backup frequency is driven by the recovery point objective (RPO), not the RTO.
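Questions 1753, 1756 and 1759 all turn on the same two relationships: the RTO bounds the processing interruption, the RPO bounds the data loss, and tightening the RTO forces a more expensive recovery strategy. The following added example (not part of the question bank) makes those relationships explicit in code. The recovery strategies, their failover times, data ages and annual costs are constructed for illustration and are not benchmark figures.

```python
"""RTO/RPO tolerance and recovery-strategy selection (added example).

Strategy names, timings and costs below are constructed for illustration only.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Objectives:
    rto_minutes: float  # maximum tolerable processing interruption
    rpo_minutes: float  # maximum tolerable data loss, as the age of the last recoverable copy


@dataclass(frozen=True)
class Strategy:
    name: str
    failover_minutes: float  # time until processing resumes at the recovery site
    data_age_minutes: float  # worst-case age of the newest recoverable data (backup interval or replication lag)
    annual_cost: int


def within_tolerance(outage_minutes: float, data_lost_minutes: float, o: Objectives) -> dict:
    """Judge an actual or hypothetical incident against the objectives (Q1753).

    With an RTO of 0, any outage at all, however short, breaches the RTO.
    """
    return {
        "rto_ok": outage_minutes <= o.rto_minutes,
        "rpo_ok": data_lost_minutes <= o.rpo_minutes,
    }


def meets_objectives(s: Strategy, o: Objectives) -> bool:
    """A strategy is acceptable only if it satisfies BOTH objectives."""
    return s.failover_minutes <= o.rto_minutes and s.data_age_minutes <= o.rpo_minutes


def cheapest_compliant(strategies: list, o: Objectives) -> Optional[Strategy]:
    """Least expensive strategy that still meets the RTO and RPO, or None if nothing does."""
    candidates = [s for s in strategies if meets_objectives(s, o)]
    return min(candidates, key=lambda s: s.annual_cost) if candidates else None


def cost_vs_rto(strategies: list, rpo_minutes: float, rto_values: list) -> list:
    """Minimum annual cost for each RTO at a fixed RPO; shows cost falling as the RTO relaxes (Q1756, Q1759)."""
    rows = []
    for rto in rto_values:
        best = cheapest_compliant(strategies, Objectives(rto, rpo_minutes))
        rows.append((rto, best.annual_cost if best else None))
    return rows


# Constructed candidate strategies, from cheapest/slowest to most expensive/fastest.
STRATEGIES = [
    Strategy("cold site, nightly tape restore", failover_minutes=48 * 60, data_age_minutes=24 * 60, annual_cost=50_000),
    Strategy("warm site, hourly snapshots", failover_minutes=4 * 60, data_age_minutes=60, annual_cost=200_000),
    Strategy("hot standby, async replication", failover_minutes=15, data_age_minutes=1, annual_cost=600_000),
    Strategy("active-active cluster, sync replication", failover_minutes=0, data_age_minutes=0, annual_cost=1_500_000),
]

if __name__ == "__main__":
    q1753 = Objectives(rto_minutes=0, rpo_minutes=1)
    print("RTO 0 / RPO 1 min, 30-second data loss, no outage:", within_tolerance(0, 0.5, q1753))
    print("RTO 0 / RPO 1 min, 1-minute outage:", within_tolerance(1, 0, q1753))
    print("Cheapest strategy meeting RTO 0 / RPO 1 min:", cheapest_compliant(STRATEGIES, q1753).name)
    for rto, cost in cost_vs_rto(STRATEGIES, rpo_minutes=60, rto_values=[0, 15, 240, 2880]):
        print(f"RTO {rto:>5} min -> minimum annual cost {cost}")
```

Two points the output makes concrete: the scenario in question 1753 (RTO 0, RPO about 1 minute) is satisfied by a 30-second data loss but breached by even a 1-minute outage, and with the RPO held at 60 minutes the minimum cost drops as the RTO grows from 0 to 240 minutes but stops falling at 2880 minutes, because the nightly-tape option still fails the RPO. That last row is why question 1759 says a longer RTO does not by itself imply anything about backup frequency.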

CISA Question 1760

Question

An organization has a number of branches across a wide geographical area. To ensure that all aspects of the disaster recovery plan are evaluated in a cost-effective manner, an IS auditor should recommend the use of a:

A. data recovery test.
B. full operational test.
C. posttest.
D. preparedness test.

Answer

D. preparedness test.

Explanation

A preparedness test should be performed by each local office or area to test the adequacy of the preparedness of local operations in the event of a disaster. This test should be performed regularly on different aspects of the plan and is a cost-effective way to gradually obtain evidence of the plan's adequacy. A data recovery test is a partial test and will not ensure that all aspects are evaluated. A full operational test is not the most cost-effective test in light of the geographical dispersion of the branches, and a posttest is a phase of the test execution process, not a type of test.
