Home > CISA (Certified Information Systems Auditor) > Quizzes > CISA Domain 4: Information Systems Operations and Business Resilience
CISA Domain 4: Information Systems Operations and Business Resilience
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 17% Most missed: “What is a typical frequency for running a job that checks Active Directory for u…”
CISA Domain 4: Information Systems Operations and Business Resilience
Time left 00:00
25 Questions

1. The purpose of a business impact analysis (BIA) is primarily:
2. The primary mission of data governance is:
3. An organization’s financial accounting system crashes every Friday night after backups have completed. In ITIL terms, what process should be invoked?
4. A city government IT department has developed a procedure to be followed when the primary application for accepting water usage payments has been incapacitated. The procedure calls for the initiation of a secondary application in a different data center. What type of procedure has been developed?
5. A new IT manager is making improvements in the organization’s management of unplanned outages. The IT manager has built a new process where repeated cases of similar outages are analyzed in order to identify their cause. What process has the IT manager created?
6. The primary purpose of a dynamic DLP system is:
7. What is the purpose of a business impact analysis?
8. An IT organization is modernizing its tape backup system by replacing its tape library system with a storage array, while keeping its tape backup software system. What has the organization implemented?
9. An IT department completed a data discovery assessment and found that numerous users were saving files containing sensitive information on organization-wide readable file shares. Which of the following is the best remediation for this matter?
10. A SaaS provider and a customer are having a dispute about the availability of service, quality of service, and issue resolution provided by the SaaS provider. What type of a legal agreement should the parties add to their contract to better define these problems and their resolution?
11. A new IT manager is making improvements in the organization’s management of the detailed settings on servers and network devices. The process includes the creation of a repository for storing details about this information. This repository is known as:
12. For which users or groups should the SQL listener on a database management system be accessible?
13. Which of the following should approve RTO and RPO targets?
14. What is the purpose of salvage operations in a disaster recovery plan?
15. A DBA has determined that it is not feasible to directly back up a large database. What is the best remedy for this?
16. An organization’s IT department developed DR capabilities for some business applications prior to a BIA ever being performed. Now that a BIA has been performed, it has been determined that some IT applications’ DR capabilities exceed what is called for in the BIA and that other applications fall short. What should be done to remedy this?
17. An IT organization is investigating a problem in its change management process whereby many changes have to be backed out because they could not be completed or because verifications failed. Which is the best remedy for this situation?
18. Which of the following best describes the purpose of a hypervisor?
19. An IT architect is proposing a plan for improving the resilience of critical data in the organization. The architect proposes that applications be altered so that they confirm that transactions have been successfully written to two different storage systems. What scheme has been proposed?
20. A device that forwards packets to their destination based on their destination IP address is known as a:
21. What is the purpose of hot-pluggable drives in a storage system?
22. All of the following are valid reasons for removing end users’ local administrators privileges on their workstations except:
23. A new IT manager is making improvements to the organization’s need to make its systems and devices more resilient to attacks. The IT manager should update:
24. A data privacy officer recently commissioned a data discovery exercise to understand the extent to which sensitive data is present on the company’s world-readable file share. The exercise revealed that dozens of files containing large volumes of highly sensitive data were present on the file share. What is the best first step the data privacy officer should take?
25. What is the most important factor to consider in the development of a disaster recovery plan?