CISA : Certified Information Systems Auditor : Part 87
-
At a hospital, medical personal carry handheld computers which contain patient health data. These handheld computers are synchronized with PCs which transfer data from a hospital database. Which of the following would be of the most importance?
- The handheld computers are properly protected to prevent loss of data confidentiality, in case of theft or loss.
- The employee who deletes temporary files from the local PC, after usage, is authorized to maintain PCs.
- Timely synchronization is ensured by policies and procedures.
- The usage of the handheld computers is allowed by the hospital policy.
Explanation:
Data confidentiality is a major requirement of privacy regulations. Choices B, C and D relate to internal security requirements, and are secondary when compared to compliance with data privacy laws. -
Which of the following would BEST support 24/7 availability?
- Daily backup
- offsite storage
- Mirroring
- Periodic testing
Explanation:
Mirroring of critical elements is a too! that facilitates immediate recoverability. Daily backup implies that it is reasonable for restoration to take place within a number of hours but not immediately. Offsite storage and periodic testing of systems do not of themselves support continuous availability. -
The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to:
- achieve performance improvement.
- provide user authentication.
- ensure availability of data.
- ensure the confidentiality of data.
Explanation:
RAID level 1 provides disk mirroring. Data written to one disk are also written to another disk. Users in the network access data in the first disk; if disk one fails, the second disk takes over. This redundancy ensures the availability of data. RAID level 1 does not improve performance, has no relevance to authentication and does nothing to provide for data confidentiality. -
Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be:
- physically separated from the data center and not subject to the same risks.
- given the same level of protection as that of the computer data center.
- outsourced to a reliable third party.
- equipped with surveillance capabilities.
Explanation:
It is important that there be an offsite storage location for IS files and that it be in a location not subject to the same risks as the primary data center. The other choices are all issues that must be considered when establishing the offsite location, but they are not as critical as the location selection. -
If a database is restored using before-image dumps, where should the process begin following an interruption?
- Before the last transaction
- After the last transaction
- As the first transaction after the latest checkpoint
- At the last transaction before the latest checkpoint
Explanation:
If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken. The last transaction will not have updated the database and must be reprocessed. Program checkpoints are irrelevant in this situation. -
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
- Maintaining system software parameters
- Ensuring periodic dumps of transaction logs
- Ensuring grandfather-father-son file backups
- Maintaining important data at an offsite location
Explanation:
Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historical data. The volume of activity usually associated with an online system makes other more traditional methods of backup impractical. -
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following is necessary to restore these files?
- The previous day’s backup file and the current transaction tape
- The previous day’s transaction file and the current transaction tape
- The current transaction tape and the current hard copy transaction log
- The current hard copy transaction log and the previous day’s transaction file
Explanation:
The previous day’s backup file will be the most current historical backup of activity in the system. The current day’s transaction file will contain all of the day’s activity. Therefore, the combination of these two files will enable full recovery up to the point of interruption. -
An offsite information processing facility:
- should have the same amount of physical access restrictions as the primary processing site.
- should be easily identified from the outside so that, in the event of an emergency, it can be easily found.
- should be located in proximity to the originating site, so it can quickly be made operational.
- need not have the same level of environmental monitoring as the originating site.
Explanation:
An offsite information processing facility should have the same amount of physical control as the originating site. It should not be easily identified from the outside to prevent intentional sabotage. The offsite facility should not be subject to the same natural disaster that could affect the originating site and thus should not be located in proximity of the original site. The offsite facility should possess the same level of environmental monitoring and control as the originating site. -
An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
- adequate fire insurance exists.
- regular hardware maintenance is performed.
- offsite storage of transaction and master files exists.
- backup processing facilities are fully tested.
Explanation:
Adequate fire insurance and fully tested backup processing facilities are important elements for recovery, but without the offsite storage of transaction and master files, it is generally impossible to recover. Regular hardware maintenance does not relate to recovery. -
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?
- Reviewing program code
- Reviewing operations documentation
- Turning off the UPS, then the power
- Reviewing program documentation
Explanation:
Operations documentation should contain recovery/restart procedures, so operations can return to normal processing in a timely manner. Turning off the uninterruptible power supply (UPS) and then turning off the power might create a situation for recovery and restart, but the negative effect on operations would prove this method to be undesirable. The review of program code and documentation generally does not provide evidence regarding recovery/restart procedures. -
Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault?
- There are three individuals with a key to enter the area.
- Paper documents are also stored in the offsite vault.
- Data files that are stored in the vault are synchronized.
- The offsite vault is located in a separate facility.
Explanation:
Choice A is incorrect because more than one person would typically need to have a key to the vault to ensure that individuals responsible for the offsite vault can take vacations and rotate duties. Choice B is not correct because an IS auditor would not be concerned with whether paper documents are stored in the offsite vault. In fact, paper documents, such as procedural documents and a copy of the contingency plan, would most likely be stored in the offsite vault, and the location of the vault is important, but not as important as the files being synchronized. -
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:
- database integrity checks.
- validation checks.
- input controls.
- database commits and rollbacks.
Explanation:
Database commits ensure the data are saved to disk, while the transaction processing is underway or complete. Rollback ensures that the already completed processing is reversed back, and the data already processed are not saved to the disk in the event of the failure of the completion of the transaction processing. All other options do not ensure integrity while processing is underway. -
To provide protection for media backup stored at an offsite location, the storage site should be:
- located on a different floor of the building.
- easily accessible by everyone.
- clearly labeled for emergency access.
- protected from unauthorized access.
Explanation:
The offsite storage site should always be protected against unauthorized access and have at least the same security requirements as the primary site. Choice A is incorrect because, if the backup is in the same building, it may suffer the same event and may be inaccessible. Choices B and C represent access risks. -
Which of the following ensures the availability of transactions in the event of a disaster?
- Send tapes hourly containing transactions offsite,
- Send tapes daily containing transactions offsite.
- Capture transactions to multiple storage devices.
- Transmit transactions offsite in real time.
Explanation:
The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility. Choices A and B are not in real time and, therefore, would not include all the transactions. Choice C does not ensure availability at an offsite location. -
IS management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend:
- upgrading to a level 5 RAID.
- increasing the frequency of onsite backups.
- reinstating the offsite backups.
- establishing a cold site in a secure location.
Explanation:
A RAID system, at any level, will not protect against a natural disaster. The problem will not be alleviated without offsite backups, more frequent onsite backups or even setting up a cold site. Choices A, B and D do not compensate for the lack of offsite backup. -
In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
- Disaster tolerance is high.
- Recovery time objective is high.
- Recovery point objective is low.
- Recovery point objective is high.
Explanation:
A recovery point objective (RPO) indicates the latest point in time at which it is acceptable to recover the data. If the RPO is low, data mirroring should be implemented as the data recovery strategy. The recovery time objective (RTO) is an indicator of the disaster tolerance. The lower the RTO, the lower the disaster tolerance. Therefore, choice C is the correct answer. -
Network Data Management Protocol (NDMP) technology should be used for backup if:
- a network attached storage (NAS) appliance is required.
- the use of TCP/I P must be avoided.
- file permissions that can not be handled by legacy backup systems must be backed up.
- backup consistency over several related data volumes must be ensured.
Explanation:
NDMP defines three kinds of services: a data service that interfaces with the primary storage to be backed up or restored, a tape service that interfaces with the secondary storage (primarily a tape device), and a translator service performing translations including multiplexing multiple data streams into one data stream and vice versa. NDMP services interact with each other. The result of this interaction is the establishment of an NDMP control session if the session is being used to achieve control for the backup or restore operation. It would result in an NDMP data session if the session is being used to transfer actual file system or volume data (including metadata). Control sessions are always TCP/IP-based, but data streams can be TCP/lP-or SAN-based. NDMP is more or less NAS-centric and defines a way to back up and restore data from a device, such as a NAS appliance, on which it is difficult to install a backup software agent, in the absence of NDMP, this data must be backed up as a shared drive on the LAN, which is accessed via network file protocols, such as Common Internet File System (CIFS) or Network File System (NFS), degrading backup performance. NDMP works on a block level for transferring payload data (file content) but metadata and traditional file system information needs to be handled by legacy backup systems that initiate NDMP data movement. NDMP does not know about nor takes care of consistency issues regarding related volumes (e.g., a volume to store database files, a volume to store application server data and a volume to store web server data). NDMP can be used to do backups in such an environment (e.g., SAP) but the logic required either must be put into a dedicated piece of software or must be scripted into the legacy backup software. -
An organization currently using tape backups takes one full backup weekly and incremental backups daily. They recently augmented their tape backup procedures with a backup-to- disk solution. This is appropriate because:
- fast synthetic backups for offsite storage are supported.
- backup to disk is always significantly faster than backup to tape.
- tape libraries are no longer needed.
- data storage on disks is more reliable than on tapes.
Explanation:
Disk-to-disk (D2D) backup should not be seen as a direct replacement for backup to tape; rather, it should be viewed as part of a multitier backup architecture that takes advantage of the best features of both tape and disk technologies. Backups to disks are not dramatically faster than backups to tapes in a balanced environment. Most often than not there is hardly a difference, since the limiting components are not tape or disk drives but the overall sustained bandwidth of the backup server’s backplane. The advantage in terms of speed is in restoring performance, since all data are on hand and can be accessed randomly, resulting in a dramatic enhancement in throughput. This makes fast synthetic backups (making a full back up without touching the host’s data only by using the existing incremental backups) efficient and easy. Although the cost of disks has been reduced, tape-based backup can offer an overall cost advantage over disk-only solutions. Even if RAID arrays are used for D2Dstorage, a failed drive must be swapped out and the RAID set rebuilt before another disk drive fails, thus making this kind of backup more risky and not suitable as a solution of last resort. In contrast, a single tape drive failure does not produce any data loss since the data resides on the tape media. In a multidrive library, the loss of the use of a single tape drive has no impact on the overall level of data protection. Conversely, the loss of a disk drive in an array can put all data at risk. This in itself reinforces the benefits of a disk-to-disk-to-any storage hierarchy, as data could be protected by a tertiary stage of disk storage and ultimately tape. Beyond the drive failure issue, tape has an inherent reliability advantage over any disk drive as it has no boot sector or file allocation table that can be infected or manipulated by a virus. -
Which of the following should be the MOST important criterion in evaluating a backup solution for sensitive data that must be retained for a long period of time due to regulatory requirements?
- Full backup window
- Media costs
- Restore window
- Media reliability
Explanation:
To comply with regulatory requirements, the media should be reliable enough to ensure an organization’s ability to recovery the data should they be required for any reason. Media price is a consideration, but should not be more important than the ability to provide the required reliability. Choices A and C are less critical than reliability. -
In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?
- Daily data backup to tape and storage at a remote site
- Real-time replication to a remote site
- Hard disk mirroring to a local server
- Real-time data backup to the local storage area network (SAN)
Explanation:
With real-time replication to a remote site, data are updated simultaneously in two separate locations; therefore, a disaster in one site would not damage the information located in the remote site. This assumes that both sites were not affected by the disaster. Daily tape backup recovery could lose up to a day’s work of data. Choices C and D take place in the same data center and could possibly be affected by the same disaster.
Subscribe
0 Comments
Newest