CISA Questions (901-1000) and Answers 100% Verified.
8 views 0 purchase
Course
CISA
Institution
CISA
CISA Questions (901-1000) and Answers
100% Verified.
A company with a limited budget has a recovery time objective (RTO) of 72 hours and a
recovery point objective (RPO) of 24 hours. Which of the following would BEST meet the
requirements of the business?
Select an answer:
A.
A hot site
B.
...
CISA Questions (901-1000) and Answers
100% Verified.
A company with a limited budget has a recovery time objective (RTO) of 72 hours and a
recovery point objective (RPO) of 24 hours. Which of the following would BEST meet the
requirements of the business?
Select an answer:
A.
A hot site
B.
A cold site
C.
A mirrored site
D.
A warm site - answer✔✔You are correct, the answer is D.
A. Although a hot site enables the business to meets its recovery point objective (RPO) and
recovery time objective (RTO), the cost to maintain a hot site is more than the cost to maintain a
warm site, which could also meet the objectives.
B. A cold site, although providing basic infrastructure, lacks the required hardware to meet the
business objectives.
C. A mirrored site provides fully redundant facilities with real-time data replication. It can meet
the business objectives, but it is not as cost-effective a solution as a warm site.
D. A warm site is the most appropriate solution because it provides basic infrastructure and most
of the required IT equipment to affordably meet the business requirements. The remainder of the
equipment needed can be provided through vendor agreements within a few days. The RTO is
the amount of time allowed for the recovery of a business function or resource after a disaster
occurs. The RPO is determined based on the acceptable data loss in case of a disruption of
operations. The RPO indicates the earliest point in time that is acceptable to recover the data, and
it effectively quantifies the permissible amount of data loss in case of interruption.
An IS auditor finds that database administrators (DBAs) have access to the log location on the
database server and the ability to purge logs from the system. What is the BEST audit
recommendation to ensure that DBA activity is effectively monitored?
Select an answer:
A.
Change permissions to prevent DBAs from purging logs.
B.
Forward database logs to a centralized log server.
C.
Require that critical changes to the database are formally approved.
D.
Back up database logs to tape. - answer✔✔You are correct, the answer is B.
A. Changing the database administrator (DBA) permissions to prevent DBAs from purging logs
may not be feasible and does not adequately protect the availability and integrity of the database
logs.
B. To protect the availability and integrity of the database logs, it is most feasible to forward the
database logs to a centralized log server to which the DBAs do not have access.
C. Requiring that critical changes to the database are formally approved does not adequately
protect the availability and integrity of the database logs.
D. Backing up database logs to tape does not adequately protect the availability and integrity of
the database logs.
Which of the following is MOST important to determine the recovery point objective (RPO) for
a critical process in an enterprise?
Select an answer:
A.
Number of hours of acceptable downtime
B.
Total cost of recovering critical systems
C.
Extent of data loss that is acceptable
D.
Acceptable reduction in the level of service - answer✔✔You are correct, the answer is C.
A. The recovery time objective (RTO) is the amount of time allowed for the recovery of a
business function or resource after a disaster.
B. The determination of the recovery point objective (RPO) already takes cost into consideration.
C. The RPO is determined based on the acceptable data loss in case of a disruption of operations.
It indicates the earliest point in time that is acceptable to recover the data. The RPO effectively
quantifies the permissible amount of data loss in case of interruption.
D. The service delivery objective (SDO) is directly related to the business needs. The SDO is the
level of services to be reached during the alternate process mode until the normal situation is
restored.
An IS auditor is assisting in the design of the emergency change control procedures for an
organization with a limited budget. Which of the following recommendations BEST helps to
establish accountability for the system support personnel?
Select an answer:
A.
Production access is granted to the individual support ID when needed.
B.
Developers use a firefighter ID to promote code to production.
C.
A dedicated user promotes emergency changes to production.
D.
Emergency changes are authorized prior to promotion. - answer✔✔You are correct, the answer
is A.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Brightstars. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
