The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 1801
- Question
- Answer
- Explanation
- CISA Question 1802
- Question
- Answer
- Explanation
- CISA Question 1803
- Question
- Answer
- Explanation
- CISA Question 1804
- Question
- Answer
- Explanation
- CISA Question 1805
- Question
- Answer
- Explanation
- CISA Question 1806
- Question
- Answer
- Explanation
- CISA Question 1807
- Question
- Answer
- Explanation
- CISA Question 1808
- Question
- Answer
- Explanation
- CISA Question 1809
- Question
- Answer
- Explanation
- CISA Question 1810
- Question
- Answer
- Explanation
CISA Question 1801
Question
During an audit, an IS auditor notes that an organization’s business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include:
A. the level of information security required when business recovery procedures are invoked.
B. information security roles and responsibilities in the crisis management structure.
C. information security resource requirements.
D. change management procedures for information security that could affect business continuity arrangements.
Answer
A. the level of information security required when business recovery procedures are invoked.
Explanation
Business should consider whether information security levels required during recovery should be the same, lower or higher than when business is operating normally. In particular, any special rules for access to confidential data during a crisis need to be identified. The other choices do not directly address the information confidentiality issue.
CISA Question 1802
Question
What is the BEST backup strategy for a large database with data supporting online sales?
A. Weekly full backup with daily incremental backup
B. Daily full backup
C. Clustered servers
D. Mirrored hard disks
Answer
A. Weekly full backup with daily incremental backup
Explanation
Weekly full backup and daily incremental backup is the best backup strategy; it ensures the ability to recover the database and yet reduces the daily backup time requirements. A full backup normally requires a couple of hours, and therefore it can be impractical to conduct a full back up every day. Clustered servers provide a redundant processing capability, but are not a backup.
Mirrored hard disks will not help in case of disaster.
CISA Question 1803
Question
Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)?
A. Virtual tape libraries
B. Disk-based snapshots
C. Continuous data backup
D. Disk-to-tape backup
Answer
C. Continuous data backup
Explanation
The recovery point objective (RPO) is based on the acceptable data loss in the case of a disruption. In this scenario the organization needs a short RPO. Virtual tape libraries, disk- based snapshots and disk-to-tape backup would require time to complete the backup, while continuous data backup happens online (in real time).
CISA Question 1804
Question
In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?
A. Daily data backup to tape and storage at a remote site
B. Real-time replication to a remote site
C. Hard disk mirroring to a local server
D. Real-time data backup to the local storage area network (SAN)
Answer
B. Real-time replication to a remote site
Explanation
With real-time replication to a remote site, data are updated simultaneously in two separate locations; therefore, a disaster in one site would not damage the information located in the remote site. This assumes that both sites were not affected by the disaster. Daily tape backup recovery could lose up to a day’s work of data. Choices C and D take place in the same data center and could possibly be affected by the same disaster.
CISA Question 1805
Question
Which of the following should be the MOST important criterion in evaluating a backup solution for sensitive data that must be retained for a long period of time due to regulatory requirements?
A. Full backup window
B. Media costs
C. Restore window
D. Media reliability
Answer
D. Media reliability
Explanation
To comply with regulatory requirements, the media should be reliable enough to ensure an organization’s ability to recovery the data should they be required for any reason. Media price is a consideration, but should not be more important than the ability to provide the required reliability.
Choices A and C are less critical than reliability.
CISA Question 1806
Question
An organization currently using tape backups takes one full backup weekly and incremental backups daily. They recently augmented their tape backup procedures with a backup-to- disk solution. This is appropriate because:
A. fast synthetic backups for offsite storage are supported.
B. backup to disk is always significantly faster than backup to tape.
C. tape libraries are no longer needed.
D. data storage on disks is more reliable than on tapes.
Answer
A. fast synthetic backups for offsite storage are supported.
Explanation
Disk-to-disk (D2D) backup should not be seen as a direct replacement for backup to tape; rather, it should be viewed as part of a multitier backup architecture that takes advantage of the best features of both tape and disk technologies. Backups to disks are not dramatically faster than backups to tapes in a balanced environment. Most often than not there is hardly a difference, since the limiting components are not tape or disk drives but the overall sustained bandwidth of the backup server’s backplane. The advantage in terms of speed is in restoring performance, since all data are on hand and can be accessed randomly, resulting in a dramatic enhancement in throughput. This makes fast synthetic backups (making a full back up without touching the host’s data only by using the existing incremental backups) efficient and easy.
Although the cost of disks has been reduced, tape-based backup can offer an overall cost advantage over disk-only solutions. Even if RAID arrays are used for D2Dstorage, a failed drive must be swapped out and the RAID set rebuilt before another disk drive fails, thus making this kind of backup more risky and not suitable as a solution of last resort. In contrast, a single tape drive failure does not produce any data loss since the data resides on the tape media. In a multidrive library, the loss of the use of a single tape drive has no impact on the overall level of data protection. Conversely, the loss of a disk drive in an array can put all data at risk. This in itself reinforces the benefits of a disk-to-disk-toany storage hierarchy, as data could be protected by a tertiary stage of disk storage and ultimately tape. Beyond the drive failure issue, tape has an inherent reliability advantage over any disk drive as it has no boot sector or file allocation table that can be infected or manipulated by a virus.
CISA Question 1807
Question
Network Data Management Protocol (NDMP) technology should be used for backup if:
A. a network attached storage (NAS) appliance is required.
B. the use of TCP/I P must be avoided.
C. file permissions that can not be handled by legacy backup systems must be backed up.
D. backup consistency over several related data volumes must be ensured.
Answer
A. a network attached storage (NAS) appliance is required.
Explanation
NDMP defines three kinds of services: a data service that interfaces with the primary storage to be backed up or restored, a tape service that interfaces with the secondary storage (primarily a tape device), and a translator service performing translations including multiplexing multiple data streams into one data stream and vice versa. NDMP services interact with each other. The result of this interaction is the establishment of an NDMP control session if the session is being used to achieve control for the backup or restore operation. It would result in an NDMP data session if the session is being used to transfer actual file system or volume data (including metadata). Control sessions are always TCP/IPbased, but data streams can be TCP/lP-or SAN-based. NDMP is more or less NAS-centric and defines a way to back up and restore data from a device, such as a NAS appliance, on which it is difficult to install a backup software agent, in the absence of NDMP, this data must be backed up as a shared drive on the LAN, which is accessed via network file protocols, such as Common Internet File System (CIFS) or Network File System (NFS), degrading backup performance. NDMP works on a block level for transferring payload data (file content) but metadata and traditional file system information needs to be handled by legacy backup systems that initiate NDMP data movement. NDMP does not know about nor takes care of consistency issues regarding related volumes (e.g., a volume to store database files, a volume to store application server data and a volume to store web server data). NDMP can be used to do backups in such an environment (e.g., SAP) but the logic required either must be put into a dedicated piece of software or must be scripted into the legacy backup software.
CISA Question 1808
Question
In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
A. Disaster tolerance is high.
B. Recovery time objective is high.
C. Recovery point objective is low.
D. Recovery point objective is high.
Answer
C. Recovery point objective is low.
Explanation
A recovery point objective (RPO) indicates the latest point in time at which it is acceptable to recover the data. If the RPO is low, data mirroring should be implemented as the data recovery strategy. The recovery time objective (RTO) is an indicator of the disaster tolerance. The lower the RTO, the lower the disaster tolerance. Therefore, choice C is the correct answer.
CISA Question 1809
Question
IS management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend:
A. upgrading to a level 5 RAID.
B. increasing the frequency of onsite backups.
C. reinstating the offsite backups.
D. establishing a cold site in a secure location.
Answer
C. reinstating the offsite backups.
Explanation
A RAID system, at any level, will not protect against a natural disaster. The problem will not be alleviated without offsite backups, more frequent onsite backups or even setting up a cold site. Choices A, B and D do not compensate for the lack of offsite backup.
CISA Question 1810
Question
Which of the following ensures the availability of transactions in the event of a disaster?
A. Send tapes hourly containing transactions offsite,
B. Send tapes daily containing transactions offsite.
C. Capture transactions to multiple storage devices.
D. Transmit transactions offsite in real time.
Answer
D. Transmit transactions offsite in real time.
Explanation
The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility. Choices A and B are not in real time and, therefore, would not include all the transactions. Choice C does not ensure availability at an offsite location.