Free ISACA CISA Übungsprüfungen - Seite 30 von 55

Question #291

Which of the following would be an IS auditor’s GREATEST concern when reviewing the organization’s business continuity plan (BCP)?

A . The recovery plan does not contain the process and application dependencies.
B . The duration of tabletop exercises is longer than the recovery point objective (RPO).
C . The duration of tabletop exercises is longer than the recovery time objective (RTO).
D . The recovery point objective (RPO) and recovery time objective (R TO) are not the same.

Lösung einblenden Lösung ausblenden

Richtige Antwort: A
A

Explanation:

A business continuity plan (BCP) is a document that outlines how an organization will continue its critical functions in the event of a disruption or disaster. A BCP should include the following elements1:

Business impact analysis: This is the process of identifying and prioritizing the key business processes and assets that are essential for the organization’s survival and recovery.

Risk assessment: This is the process of identifying and evaluating the potential threats and vulnerabilities that could affect the organization’s business continuity.

Recovery strategies: These are the actions and procedures that the organization will implement to restore its normal operations as quickly and effectively as possible after a disruption or disaster.

Recovery objectives: These are the metrics that define the acceptable level of recovery for the organization’s business processes and assets.

The two main recovery objectives are:

Recovery point objective (RPO): This is the maximum amount of data loss that the organization can tolerate in terms of time. For example, an RPO of one hour means that the organization can afford to lose up to one hour’s worth of data after a disruption or disaster.

Recovery time objective (RTO): This is the maximum amount of time that the organization can tolerate to restore its normal operations after a disruption or disaster. For example, an RTO of four hours means that the organization must resume its normal operations within four hours after a disruption or disaster.

Testing and validation: This is the process of verifying and evaluating the effectiveness and efficiency of the BCP and its components.

Testing and validation can include various methods, such as:

Tabletop exercises: These are discussion-based sessions where team members meet in an informal setting to review and discuss their roles and responsibilities during a disruption or disaster scenario. A facilitator guides participants through a discussion of one or more scenarios2.

Simulation exercises: These are more realistic and interactive sessions where team members perform their roles and responsibilities during a simulated disruption or disaster scenario. A

facilitator controls and monitors the simulation and injects events and challenges3.

Full-scale exercises: These are the most complex and realistic sessions where team members perform their roles and responsibilities during a real-life disruption or disaster scenario. A facilitator coordinates and evaluates the exercise with external stakeholders, such as emergency services, media, or customers4.

As an IS auditor, your greatest concern when reviewing the organization’s BCP would be A. The recovery plan does not contain the process and application dependencies.

Question #292

Which of the following is the BEST way to ensure a vendor complies with system security requirements?

A . Require security training for vendor staff.
B . Review past incidents reported by the vendor.
C . Review past audits on the vendor’s security compliance.
D . Require a compliance clause in the vendor contract.

Lösung einblenden Lösung ausblenden

Question #293

An IS auditor is reviewing processes for importing market price data from external data providers.

Which of the following findings should the auditor consider MOST critical?

A . The quality of the data is not monitored.
B . Imported data is not disposed frequently.
C . The transfer protocol is not encrypted.
D . The transfer protocol does not require authentication.

Lösung einblenden Lösung ausblenden

Question #294

Which of the following should be the PRIMARY concern for the it department head when implementing operational log management?

A . Diversity of log formats generated by different IT resources
B . Retention and storage issues due to log volume
C . Resistance by operational users
D . Impact on performance of IT resources

Lösung einblenden Lösung ausblenden

Question #295

Which of the following would be MOST useful to an IS auditor when making recommendations to enable continual improvement of IT processes over time?

A . IT incident log
B . Benchmarking studies
C . Maturity model
D . IT risk register

Lösung einblenden Lösung ausblenden

Question #296

During an ongoing audit, management requests a briefing on the findings to date.

Which of the following is the IS auditor’s BEST course of action?

A . Review working papers with the auditee.
B . Request the auditee provide management responses.
C . Request management wait until a final report is ready for discussion.
D . Present observations for discussion only.

Lösung einblenden Lösung ausblenden

Question #297

An IS auditor discovers that backups of critical systems are not being performed in accordance with the recovery point objective (RPO) established in the business continuity plan (BCP).

What should the auditor do NEXT?