Home > CISA (Certified Information Systems Auditor) > Quizzes > CISA Domain 4: Information Systems Operations and Business Resilience
CISA Domain 4: Information Systems Operations and Business Resilience
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 17% Most missed: “What is a typical frequency for running a job that checks Active Directory for u…”
CISA Domain 4: Information Systems Operations and Business Resilience
Time left 00:00
25 Questions

1. What is the purpose of salvage operations in a disaster recovery plan?
2. Computer code that is found within the contents of a database is known as a:
3. A system engineer is reviewing critical systems in a data center and mapping them to individual electrical circuits. The engineer identified a system with two power supplies that are connected to the same plug strip. What should the engineer conclude from this?
4. Which of the following systems should be used for populating the IT asset database in an elastic cloud environment?
5. What is typically the most significant risk associated with end users being local administrators on their workstations?
6. Which of the following schemes is most likely to be successful for workstations used by a mobile workforce?
7. An IT department is planning on implementing disaster recovery capabilities in some of its business systems. What means should be used to determine which applications require DR capabilities and to what level of recoverability?
8. A device that forwards packets to their destination based on their destination IP address is known as a:
9. The primary purpose of a dynamic DLP system is:
10. Which of the following best describes the purpose of a hypervisor?
11. What is the purpose of a business impact analysis?
12. What is the best definition of a problem in ITIL-based service management?
13. An organization uses its vulnerability scanning tool as its de facto asset management system. What is the biggest risk associated with this approach?
14. The purpose of a business impact analysis (BIA) is primarily:
15. A mail order organization wants to develop procedures to be followed in the event that the main office building cannot be occupied, so that customer orders can still be fulfilled. What kind of a plan does the organization need to develop?
16. RAM is most commonly used as:
17. The purpose for pre-writing public statements describing the impact, response, and recovery from a disaster include all of the following except:
18. A city government IT department has developed a procedure to be followed when the primary application for accepting water usage payments has been incapacitated. The procedure calls for the initiation of a secondary application in a different data center. What type of procedure has been developed?
19. An organization’s IT department developed DR capabilities for some business applications prior to a BIA ever being performed. Now that a BIA has been performed, it has been determined that some IT applications’ DR capabilities exceed what is called for in the BIA and that other applications fall short. What should be done to remedy this?
20. An IT architect needs to increase the resilience of a single application server. Which of the following choices will least benefit the server’s resilience?
21. What is the feasibility for using the results of a BIA in the creation of a system classification plan?
22. A new IT manager is making improvements in the organization’s management of the detailed settings on servers and network devices. The process that the IT manager has made is a part of:
23. An IT organization is modernizing its tape backup system by sending data to a cloud storage provider. What has the organization implemented?
24. A security manager is planning to implement a first-time use of a vulnerability scanning tool in an organization. What method should the security manager use to confirm that all assets are scanned?
25. Which of the following persons is best suited to approve users’ access to sensitive data in a customer database?