Topic 5
Which of the following ensures the availability of transactions in the event of a disaster?
D
Explanation:
The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility. Choices A
and B are not in real time and, therefore, would not include all the transactions. Choice C does not ensure availability at an
offsite location.
Topic 5
To provide protection for media backup stored at an offsite location, the storage site should be:
D
Explanation:
The offsite storage site should always be protected against unauthorized access and have at least the same security
requirements as the primary site. Choice A is incorrect because, if the backup is in the same building, it may suffer the same
event and may be inaccessible. Choices B and C represent access risks.
Topic 5
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of
the transaction processing is BEST ensured by:
D
Explanation:
Database commits ensure the data are saved to disk, while the transaction processing is underway or complete. Rollback
ensures that the already completed processing is reversed, and that the data already processed are not saved to disk if
the transaction processing fails to complete. All other options do not ensure integrity while
processing is underway.
Topic 5
Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and
recovery and the offsite storage vault?
C
Explanation:
Choice A is incorrect because more than one person would typically need to have a key to the vault to ensure that
individuals responsible for the offsite vault can take vacations and rotate duties. Choice B is not correct because an IS
auditor would not be concerned with whether paper documents are stored in the offsite vault. In fact, paper documents, such
as procedural documents and a copy of the contingency plan, would most likely be stored in the offsite vault. The location
of the vault is important, but not as important as the files being synchronized.
Topic 5
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?
B
Explanation:
Operations documentation should contain recovery/restart procedures, so operations can return to normal processing in a
timely manner. Turning off the uninterruptible power supply (UPS) and then turning off the power might create a situation for
recovery and restart, but the negative effect on operations would prove this method to be undesirable. The review of
program code and documentation generally does not provide evidence regarding recovery/restart procedures.
Topic 5
An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
C
Explanation:
Adequate fire insurance and fully tested backup processing facilities are important elements for recovery, but without the
offsite storage of transaction and master files, it is generally impossible to recover. Regular hardware maintenance does not
relate to recovery.
Topic 5
An offsite information processing facility:
A
Explanation:
An offsite information processing facility should have the same amount of physical control as the originating site. It should
not be easily identified from the outside to prevent intentional sabotage. The offsite facility should not be subject to the same
natural disaster that could affect the originating site and thus should not be located in proximity to the original site. The offsite
facility should possess the same level of environmental monitoring and control as the originating site.
Topic 5
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy
transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive
malfunctions and the order entry files are lost. Which of the following is necessary to restore these files?
A
Explanation:
The previous day's backup file will be the most current historical backup of activity in the system. The current day's
transaction file will contain all of the day's activity. Therefore, the combination of these two files will enable full recovery up to
the point of interruption.
Topic 5
In addition to the backup considerations for all systems, which of the following is an important consideration in providing
backup for online systems?
B
Explanation:
Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historical data. The volume of activity
usually associated with an online system makes other more traditional methods of backup impractical.
Topic 5
If a database is restored using before-image dumps, where should the process begin following an interruption?
A
Explanation:
If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken.
That last transaction must therefore be reprocessed. Program checkpoints are irrelevant in this
situation.
Topic 5
Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup
files? The offsite facility must be:
A
Explanation:
It is important that there be an offsite storage location for IS files and that it be in a location not subject to the same risks as
the primary data center. The other choices are all issues that must be considered when establishing the offsite location, but
they are not as critical as the location selection.
Topic 5
The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to:
C
Explanation:
RAID level 1 provides disk mirroring. Data written to one disk are also written to another disk. Users in the network access
data on the first disk; if disk one fails, the second disk takes over. This redundancy ensures the availability of data. RAID level
1 does not improve performance, has no relevance to authentication and does nothing to provide for data confidentiality.
Topic 5
Which of the following would BEST support 24/7 availability?
C
Explanation:
Mirroring of critical elements is a tool that facilitates immediate recoverability. Daily backup implies that it is reasonable for
restoration to take place within a number of hours but not immediately. Offsite storage and periodic testing of systems do not
of themselves support continuous availability.
Topic 5
At a hospital, medical personnel carry handheld computers which contain patient health data. These handheld computers are
synchronized with PCs which transfer data from a hospital database. Which of the following would be of the most
importance?
A
Explanation:
Data confidentiality is a major requirement of privacy regulations. Choices B, C and D relate to internal security
requirements, and are secondary when compared to compliance with data privacy laws.
Topic 5
When reviewing the procedures for the disposal of computers, which of the following should be the GREATEST concern for
the IS auditor?
B
Explanation:
Deleting and formatting do not completely erase the data but only mark the sectors that contained files as being free.
There are tools available over the Internet which allow one to reconstruct most of a hard disk's contents. Overwriting a hard
disk at the sector level would completely erase data, directories, indices and master file tables. Reformatting is not
necessary since all contents are destroyed. Overwriting several times defeats some forensic measures that can
reconstruct the former contents of newly overwritten sectors by analyzing special magnetic features of the platter's
surface. While hole-punching does not delete file contents, the hard disk cannot be used anymore, especially when head
parking zones and track zero information are impacted. Reconstructing data would be extremely expensive since all analysis
must be performed in a clean room environment and is only possible within a short time frame or until the surface is
corroded. Data reconstruction from shredded hard disks is virtually impossible, especially when the scrap is mixed with other
metal parts. If the transport can be secured and the destruction can be proved as described in the option, this is a valid method
of disposal.