Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 89

  1. A large chain of shops with electronic funds transfer (EFT) at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?

    • Offsite storage of daily backups
    • Alternative standby processor onsite
    • installation of duplex communication links
    • Alternative standby processor at another network node

    Explanation:
    Having an alternative standby processor at another network node would be the best solution. The unavailability of the central communications processor would disrupt all access to the banking network, resulting in the disruption of operations for all of the shops. This could be caused by failure of equipment, power or communications. Offsite storage of backups would not help, since EFT tends to be an online process and offsite storage will not replace the dysfunctional processor. The provision of an alternate processor onsite would be fine if it were an equipment problem, but would not help in the case of a power outage, installation of duplex communication links would be most appropriate if it were only the communication link that failed. 

  2. Facilitating telecommunications continuity by providing redundant combinations of local carrier T- 1 lines, microwaves and/or coaxial cables to access the local communication loop:

    • last-mile circuit protection.
    • long-haul network diversity.
    • diverse routing.
    • alternative routing.
    Explanation:
    The method of providing telecommunication continuity through the use of many recovery facilities, providing redundant combinations of local carrier T-ls, microwave and/or coaxial cable to access the local communication loop in the event of a disaster, is called last-mile circuit protection.
    Providing diverse long-distance network availability utilizing T-l circuits among major long- distance carriers is called long-haul network diversity. This ensures long-distance access should any one carrier experience a network failure. The method of routing traffic through split-cable facilities or duplicate-cable facilities is called diverse routing. Alternative routing is the method of routing information via an alternative medium, such as copper cable or fiber optics.
  3. Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies?

    • Developments may result in hardware and software incompatibility.
    • Resources may not be available when needed.
    • The recovery plan cannot be tested.
    • The security infrastructures in each company may be different.
    Explanation:
    If one organization updates its hardware and software configuration, it may mean that it is no longer compatible with the systems of the other party in the agreement. This may mean that each company is unable to use the facilities at the other company to recover their processing following a disaster. Resources being unavailable when needed are an intrinsic risk in any reciprocal agreement, but this is a contractual matter and is not the greatest risk. The plan can be tested by paper-based walkthroughs, and possibly by agreement between the companies. The difference in security infrastructures, while a risk, is not insurmountable.
  4. Which of the following would BEST ensure continuity of a wide area network (WAN) across the organization?

    • Built-in alternative routing
    • Completing full system backup daily
    • A repair contract with a service provider
    • A duplicate machine alongside each server
    Explanation:
    Alternative routing would ensure the network would continue if a server is lost or if a link is severed as message rerouting could be automatic. System backup will not afford immediate protection. The repair contract is not as effective as perm a nentalte (native routing). Standby servers will not provide continuity if a link is severed.
  5. An IS auditor reviewing an organization’s IS disaster recovery plan should verify that it is:

    • tested every six months.
    • regularly reviewed and updated.
    • approved by the chief executive officer (CEO).
    • communicated to every department head in the organization.
    Explanation:
    The plan should be reviewed at appropriate intervals, depending upon the nature of the business and the rate of change of systems and personnel. Otherwise, it may become out of date and may no longer be effective. The plan must be subjected to regular testing, but the period between tests will again depend on the nature of the organization and the relative importance of IS. Three months or even annually may be appropriate in different circumstances. Although the disaster recovery plan should receive the approval of senior management, it need not be the CEO if another executive officer is equally or more appropriate. For a purely IS-related plan, the executive responsible for technology may have approved the plan. Similarly, although a business continuity plan is likely to be circulated throughout an organization, the IS disaster recovery plan will usually be a technical document and only relevant to IS and communications staff.
  6. There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is called:

    • alternative routing.
    • diverse routing.
    • long-haul network diversity.
    • last-mile circuit protection.
    Explanation:
    Diverse routing routes traffic through split-cable facilities or duplicate-cable facilities. This can be accomplished with different and/or duplicate cable sheaths, if different cable sheaths are used, the cable may be in the same conduit and, therefore, subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to and from the customer premises may be in the same conduit. The subscriber can obtain diverse routing and alternate routing from the local carrier, including dual-entrance facilities. This type of access is time consuming and costly. Alternative routing is a method of routing information via an alternate medium, such as copper cable or fiber optics. This involves use of different networks, circuits or end points should the normal network be unavailable. Long-haul network diversity is a diverse, long-distance network utilizing T-l circuits among the major long-distance carriers. It ensures long-distance access should any carrier experience a network failure. Last-mile circuit protection is a redundant combination of local carrier T-ls, microwave and/or coaxial cable access to the local communications loop. This enables the facility to have access during a local carrier communication disaster. Alternate local-carrier routing is also utilized. 
  7. The responsibilities of a disaster recovery relocation team include:

    • obtaining, packaging and shipping media and records to the recovery facilities, as well as establishing and overseeing an offsite storage schedule.
    • locating a recovery site, if one has not been predetermined, and coordinating the transport of company employees to the recovery site.
    • managing the relocation project and conducting a more detailed assessment of the damage to the facilities and equipment.
    • coordinating the process of moving from the hot site to a new location or to the restored original location.
    Explanation:
    Choice A describes an offsite storage team, choice B defines a transportation team and choice C defines a salvage team.
  8. While reviewing the business continuity plan of an organization, an IS auditor observed that the organization’s data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate?

    • Deterrence
    • Mitigation
    • Recovery
    • Response
    Explanation:
    An effective business continuity plan includes steps to mitigate the effects of a disaster. Files must be restored on a timely basis for a backup plan to be effective. An example of deterrence is when a plan includes installation of firewalls for information systems. An example of recovery is when a plan includes an organization’s hot site to restore normal business operations.
  9. Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster?

    • The alternate facility will be available until the original information processing facility is restored.
    • User management is involved in the identification of critical systems and their associated critical recovery times.
    • Copies of the plan are kept at the homes of key decision-making personnel.
    • Feedback is provided to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
    Explanation:
    The alternate facility should be made available until the original site is restored to provide the greatest assurance of recovery after a disaster. Without this assurance, the plan will not be successful. All other choices ensure prioritization or the execution pf the plan. 
  10. Which of the following must exist to ensure the viability of a duplicate information processing facility?

    • The site is near the primary site to ensure quick and efficient recovery.
    • The site contains the most advanced hardware available.
    • The workload of the primary site is monitored to ensure adequate backup is available.
    • The hardware is tested when it is installed to ensure it is working properly.
    Explanation:
    Resource availability must be assured. The workload of the site must be monitored to ensure that availability for emergency backup use is not impaired. The site chosen should not be subject to the same natural disaster as the primary site. In addition, a reasonable compatibility of hardware/software must exist to serve as a basis for backup. The latest or newest hardware may not adequately serve this need. Testing the hardware when the site is established is essential, but regular testing of the actual backup data is necessary to ensure the operation will continue to perform as planned.
  11. An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:

    • cold site.
    • warm site.
    • dial-up site.
    • duplicate processing facility.
    Explanation:
    A cold site is ready to receive equipment but does not offer any components at the site in advance of the need. A warm site is an offsite backup facility that is partially configured with network connections and selected peripheral equipment-such as disk and tape units, controllers and CPUs-to operate an information processing facility. A duplicate information processing facility is a dedicated, self-developed recovery site that can back up critical applications.
  12. A disaster recovery plan for an organization should:

    • reduce the length of the recovery time and the cost of recovery.
    • increase the length of the recovery time and the cost of recovery.
    • reduce the duration of the recovery time and increase the cost of recovery.
    • affect neither the recovery time nor the cost of recovery.
    Explanation:
    One of the objectives of a disaster recovery plan is to reduce the duration and cost of recovering from a disaster. A disaster recovery plan would increase the cost of operations before and after the disaster occurs, but should reduce the time to return to normal operations and the cost that could result from a disaster. 
  13. A disaster recovery plan for an organization’s financial system specifies that the recovery point objective (RPO) is no data loss and the recovery time objective (RTO) is 72 hours. Which of the following is the MOST cost-effective solution?

    • A hot site that can be operational in eight hours with asynchronous backup of the transaction logs
    • Distributed database systems in multiple locations updated asynchronously
    • Synchronous updates of the data and standby active systems in a hot site
    • Synchronous remote copy of the data in a warm site that can be operational in 48 hours
    Explanation:
    The synchronous copy of the storage achieves the RPO objective and a warm site operational in 48 hours meets the required RTO. Asynchronous updates of the database in distributed locations do not meet the RPO. Synchronous updates of the data and standby active systems in a hot site meet the RPO and RTO requirements but are more costly than a warm site solution.
  14. A financial institution that processes millions of transactions each day has a central communications processor (switch) for connecting to automated teller machines (ATMs). Which of the following would be the BEST contingency plan for the communications processor?

    • Reciprocal agreement with another organization
    • Alternate processor in the same location
    • Alternate processor at another network node
    • Installation of duplex communication links
    Explanation:
    The unavailability of the central communications processor would disrupt all access to the banking network. This could be caused by an equipment, power or communications failure. Reciprocal agreements make an organization dependent on the other organization and raise privacy, competition and regulatory issues. Having an alternate processor in the same location resolves the equipment problem, but would not be effective if the failure was caused by environmental conditions (i.e., power disruption). The installation of duplex communication links would only be appropriate if the failure were limited to the communication link.
  15. The cost of ongoing operations when a disaster recovery plan is in place, compared to not having a disaster recovery plan, will MOST likely:

    • increase.
    • decrease.
    • remain the same.
    • be unpredictable.
    Explanation:
    Due to the additional cost of disaster recovery planning (DRP) measures, the cost of normal operations for any organization will always increase after a DRP implementation, i.e., the cost of normal operations during a nondisaster period will be more than the cost of operations during a nondisaster period when no disaster recovery plan was in place.
  16. Which of the following tasks should be performed FIRST when preparing a disaster recovery plan?

    • Develop a recovery strategy.
    • Perform a business impact analysis.
    • Map software systems, hardware and network components.
    • Appoint recovery teams with defined personnel, roles and hierarchy.
    Explanation:
    The first step in any disaster recovery plan is to perform a business impact analysis. All other tasks come afterwards.
  17. Which of the following provides the BEST evidence of an organization’s disaster recovery readiness?

    • A disaster recovery plan
    • Customer references for the alternate site provider
    • Processes for maintaining the disaster recovery plan
    • Results of tests and drills
    Explanation:
    Plans are important, but mere plans do not provide reasonable assurance unless tested. References for the alternate site provider and the existence and maintenance of a disaster recovery plan are important, but only tests and drills demonstrate the adequacy of the plans and provide reasonable assurance of an organization’s disaster recovery readiness.
  18. Which of the following is the BEST method for determining the criticality of each application system in the production environment?

    • interview the application programmers.
    • Perform a gap analysis.
    • Review the most recent application audits.
    • Perform a business impact analysis.
    Explanation:
    A business impact analysis will give the impact of the loss of each application. Interviews with the application programmers will provide limited information related to the criticality of the systems. A gap analysis is only relevant to systems development and project management. The audits may not contain the required information or may not have been done recently. 
  19. A hot site should be implemented as a recovery strategy when the:

    • disaster tolerance is low.
    • recovery point objective (RPO) is high.
    • recovery time objective (RTO) is high.
    • disaster tolerance is high.
    Explanation:
    Disaster tolerance is the time gap during which the business can accept nonavailability of IT facilities. If this time gap is low, recovery strategies that can be implemented within a short period of time, such as a hot site, should be used. The RPO is the earliest point in time at which it is acceptable to recover the data. A high RPO means that the process can wait for a longer time. In such cases, other recovery alternatives, such as warm or cold sites, should be considered. A high RTO means that additional time would be available for the recovery strategy, thus making other recovery alternatives-such as warm or cold sites- viable alternatives.
  20. An organization has implemented a disaster recovery plan. Which of the following steps should be carried out next?

    • Obtain senior management sponsorship.
    • Identify business needs.
    • Conduct a paper test.
    • Perform a system restore test.
    Explanation:
    A best practice would be to conduct a paper test. Senior management sponsorship and business needs identification should have been obtained prior to implementing the plan. A paper test should be conducted first, followed by system or full testing.