Isaca CISA Quiz 39 Topic 4 Questions 191-195

Question: 1

While reviewing an organization s business continuity plan (BCP) an IS auditor observes that a recently developed application is not included. The IS auditor should:

Aignore the observation as the application is not mission critical.

Brecommend that the application b# incorporated in the BCP.

Censure that the criticality of the application is determined

Dinclude m the audit findings that the BCP is incomplete

Show Answer

Question: 2

Which type of attack poses the GREATEST risk to an organization's most sensitive data?

AInsider attack

BEavesdropping attack

CSpear phishing attack

DPassword attack

Show Answer

Question: 3

Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

AThe new functionality may not meet requirements

BThe added functionality has not been documented

CThe project may go over budget.

DThe project may fail to meet the established deadline

Show Answer

Question: 4

Which of the following BEST enables system resiliency for an e-commerce organization that requires a low recovery time objective (RTO) and a few recovery point objective (RPO)?

ARemote backups

BRedundant arrays

CNightly backups

DMirrored sites

Show Answer

Question: 5

Which of the following should be done FIRST to develop an effective business continuity plan (BCP)?

ASecure an alternate processing site

BPerform a business impact analysis (BIA).

CCreate a disaster recovery plan (DRP).

DCreate a business unit communications plan.

Show Answer

Isaca CISA Quiz:39 Topic:4 Questions:191-195