CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 185
1. An organization with multiple data centers has designated one of its own facilities as the recovery site. The MOST important concern is the:
A) communication line capacity between data centers.
B) current processing capacity loads at data centers.
C) differences in logical security at each center.
D) synchronization of system software release versions.
2. Which of the following is MOST important in determining whether a disaster recovery test is successful?
A) Only business data files from offsite storage are used
B) IT staff fully recovers the processing infrastructure
C) Critical business processes are duplicated
D) All systems are restored within recovery time objectives (RTOs)
3. Which of the following is MOST important when deciding whether to build an alternate facility or subscribe to a third-party hot site?
A) Cost to build a redundant processing facility and invocation
B) Daily cost of losing critical systems and recovery time objectives (RTOs)
C) Infrastructure complexity and system sensitivity
D) Criticality results from the business impact analysis (BIA)
4. A new e-mail virus that uses an attachment disguised as a picture file is spreading rapidly over the Internet. Which of the following should be performed FIRST in response to this threat?
A) Quarantine all picture files stored on file servers
B) Block all e-mails containing picture file attachments
C) Quarantine all mail servers connected to the Internet
D) Block incoming Internet mail, but permit outgoing mail
5. When a large organization discovers that it is the subject of a network probe, which of the following actions should be taken?
A) Reboot the router connecting the DMZ to the firewall
B) Power down all servers located on the DMZ segment
C) Monitor the probe and isolate the affected segment
D) Enable server trace logging on the affected segment
A) communication line capacity between data centers.
B) current processing capacity loads at data centers.
C) differences in logical security at each center.
D) synchronization of system software release versions.
2. Which of the following is MOST important in determining whether a disaster recovery test is successful?
A) Only business data files from offsite storage are used
B) IT staff fully recovers the processing infrastructure
C) Critical business processes are duplicated
D) All systems are restored within recovery time objectives (RTOs)
3. Which of the following is MOST important when deciding whether to build an alternate facility or subscribe to a third-party hot site?
A) Cost to build a redundant processing facility and invocation
B) Daily cost of losing critical systems and recovery time objectives (RTOs)
C) Infrastructure complexity and system sensitivity
D) Criticality results from the business impact analysis (BIA)
4. A new e-mail virus that uses an attachment disguised as a picture file is spreading rapidly over the Internet. Which of the following should be performed FIRST in response to this threat?
A) Quarantine all picture files stored on file servers
B) Block all e-mails containing picture file attachments
C) Quarantine all mail servers connected to the Internet
D) Block incoming Internet mail, but permit outgoing mail
5. When a large organization discovers that it is the subject of a network probe, which of the following actions should be taken?
A) Reboot the router connecting the DMZ to the firewall
B) Power down all servers located on the DMZ segment
C) Monitor the probe and isolate the affected segment
D) Enable server trace logging on the affected segment
1. Right Answer: B
Explanation: If data centers are operating at or near capacity, it may prove difficult to recover critical operations at an alternate data center. Although line capacity is important from a mirroring perspective, this is secondary to having the necessary capacity to restore critical systems. By comparison, differences in logical and physical security and synchronization of system software releases are much easier issues to overcome and are, therefore, of less concern.
2. Right Answer: C
Explanation: To ensure that a disaster recovery test is successful, it is most important to determine whether all critical business functions were successfully recovered and duplicated. Although ensuring that only materials taken from offsite storage are used in the test is important, this is not as critical in determining a test's success.While full recovery of the processing infrastructure is a key recovery milestone, it does not ensure the success of a test. Achieving the RTOs is another important milestone, but does not necessarily prove that the critical business functions can be conducted, due to interdependencies with other applications and key elements such as data, staff, manual processes, materials and accessories, etc.
3. Right Answer: C
Explanation: The complexity and business sensitivity of the processing infrastructure and operations largely determines the viability of such an option; the concern is whether the recovery site meets the operational and security needs of the organization. The cost to build a redundant facility is not relevant since only a fraction of the total processing capacity is considered critical at the time of the disaster and recurring contract costs would accrue over time. Invocation costs are not a factor because they will be the same regardless. The incremental daily cost of losing different systems and the recovery time objectives (RTOs) do not distinguish whether a commercial facility is chosen. Resulting criticality from the business impact analysis (BIA) will determine the scope and timeline of the recovery efforts, regardless of the recovery location.
4. Right Answer: B
Explanation: Until signature files can be updated, incoming e-mail containing picture file attachments should be blocked. Quarantining picture files already stored on file servers is not effective since these files must be intercepted before they are opened. Quarantine of all mail servers or blocking all incoming mail is unnecessary overkill since only those e-mails containing attached picture files are in question.
5. Right Answer: C
Explanation: In the case of a probe, the situation should be monitored and the affected network segment isolated. Rebooting the router, powering down the demilitarized zone(DMZ) servers and enabling server trace routing are not warranted.
Explanation: If data centers are operating at or near capacity, it may prove difficult to recover critical operations at an alternate data center. Although line capacity is important from a mirroring perspective, this is secondary to having the necessary capacity to restore critical systems. By comparison, differences in logical and physical security and synchronization of system software releases are much easier issues to overcome and are, therefore, of less concern.
2. Right Answer: C
Explanation: To ensure that a disaster recovery test is successful, it is most important to determine whether all critical business functions were successfully recovered and duplicated. Although ensuring that only materials taken from offsite storage are used in the test is important, this is not as critical in determining a test's success.While full recovery of the processing infrastructure is a key recovery milestone, it does not ensure the success of a test. Achieving the RTOs is another important milestone, but does not necessarily prove that the critical business functions can be conducted, due to interdependencies with other applications and key elements such as data, staff, manual processes, materials and accessories, etc.
3. Right Answer: C
Explanation: The complexity and business sensitivity of the processing infrastructure and operations largely determines the viability of such an option; the concern is whether the recovery site meets the operational and security needs of the organization. The cost to build a redundant facility is not relevant since only a fraction of the total processing capacity is considered critical at the time of the disaster and recurring contract costs would accrue over time. Invocation costs are not a factor because they will be the same regardless. The incremental daily cost of losing different systems and the recovery time objectives (RTOs) do not distinguish whether a commercial facility is chosen. Resulting criticality from the business impact analysis (BIA) will determine the scope and timeline of the recovery efforts, regardless of the recovery location.
4. Right Answer: B
Explanation: Until signature files can be updated, incoming e-mail containing picture file attachments should be blocked. Quarantining picture files already stored on file servers is not effective since these files must be intercepted before they are opened. Quarantine of all mail servers or blocking all incoming mail is unnecessary overkill since only those e-mails containing attached picture files are in question.
5. Right Answer: C
Explanation: In the case of a probe, the situation should be monitored and the affected network segment isolated. Rebooting the router, powering down the demilitarized zone(DMZ) servers and enabling server trace routing are not warranted.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment