Business Continuity and Disaster Recovery MCQs – CISA

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on whatsapp


An Organization requires a Business Continuity Plan (BCP) to ensure the uninterrupted availability of all key business resources required to support
Business Continuity and Disaster Recovery MCQs

Business Continuity and Disaster Recovery MCQs

An Organization requires a Business Continuity Plan (BCP) to ensure the uninterrupted availability of all key business resources required to support essential business functions. Here on we have prepared Multiple-Choice Questions (MCQs) that fully cover MCQs on business continuity and disaster recovery, business recovery planning, business continuity planning and disaster recovery policy/ for IT professionals, disaster recovery and business continuity plan example/plan with steps, aws bcp plan, planning processes. These notes also distinguish between disaster recovery planning and business continuity planning. Our MCQs are useful for Competitive exams, Business management exams and Professional accountancy exams.

  1. An Organization requires a Business Continuity Plan (BCP) to ensure the uninterrupted availability of all key business resources required to support essential business functions.
    1. True
    2. False
  1. Stages/steps of a Business Continuity Plan (BCP) include:
    1. Get started and Identify business requirements
    2. Determine recovery speed and Deal with gaps
    3. Maintain the program
    4. All of the above
  1. Business Impact Analysis (BIA) – is one of the key steps in developing the business continuity plan. This phase involves identifying the various events that could negatively affect continuity of operations and their impact on the organization.
    1. The above is correct
    2. The above is incorrect
  1. The critical recovery time period is that “window” of time in which business processing must be resumed before suffering significant or unrecoverable losses.
    1. True
    2. False
  1. IT outages planned or unplanned can unleash a procession of costs and consequences that are direct and indirect, tangible and intangible, short-term and long-term, immediate and far reaching. These costs include:
    1. Lost transaction revenue, Remedial labor costs, Marketing costs
    2. Decrease in stock value, Brand damage
    3. Both A&B
    4. None
  1. A typical risk ranking system functions may contain:
    1. Critical
    2. Vital
    3. Non-critical
    4. All of the above
  1. The selection of a recovery strategy would depend upon:
    1. The criticality of the business process and the applications supporting the processes
    2. Cost and Security
    3. Time required to recover
    4. All of the above

  1. Example of critical questions to cover in a reciprocal agreement include:
    1. How much time will be available at the host computer site?
    2. Are there certain times of the year, month etc. when the partner’s facilities are not available?
    3. Both A&B
    4. None
  1. Mobile data recovery –
    1. Mobile data recovery are either purchased or contracted to facilitate operational recovery.
    2. They can include computers, workstations, telephones, electrical power etc.
    3. They are what would be called a “transportable operating environment”
    4. All of the above
  1. Benefits of using a mobile data recovery service include:
    1. It may be the answer for a catastrophic outage in which access to a business location is no longer possible
    2. It can serve as a new operational center if the site is destroyed
    3. Mobile services can be invoked any time of the day or night, any day of the year.
    4. All of the above
  1. What are the drawbacks of mobile data recovery service?
    1. Where recovery occur within a few hours, mobile services are not recommended
    2. Huge cost for a mobile solution
    3. Both A&B
    4. None
  1. What is the most important thing to consider when selecting a mobile data recovery service provider?
    1. Mobile recovery company experience and reputation
    2. Customer references, Pricing and warranties
    3. Time frame from disaster declaration to arrival/connection of mobile services
    4. All of the above
  1. Contractual provisions for the use of third-party sites should cover:
    1. The vendor’s hardware and software configurations to meet company needs
    2. Speed or availability
    3. Reliability
    4. All of the above
  1. To make use of the “Off-the-shelf” approach, several strategies must be utilized including:
    1. Avoiding use of unusual and hard to get equipment
    2. Regularly updating equipment to keep current
    3. Maintaining software compatibility to permit operations of newer equipment.
    4. All of the above

  1. Emergency management team is responsible for coordinating the activities of all other recovery teams and handles key decision-making. This team functions as disaster overseers and is required to coordinate activities such as:
    1. Retrieving critical and vital data from off-site storage
    2. Operating from the system recovery site
    3. Rerouting network communications traffic
    4. Reconstructing databases
    5. All of the above
  1. For the planning, implementation and evaluation phase of the business continuity plan, which of the following should be agreed upon?
      1. The goals, requirements, product for each phase
      2. Alternate facilities to perform task and operations
      3. Critical information resources to deploy
      4. Peoples/Individuals responsible for completion
      5. Available resources to aid in deployment
      6. The scheduling of activities with priorities established
    1. All of the above
    2. (I) (III) and (V) only
    3. (I) (II) and (V) only
    4. None
  1. What information the Directory of key decision-making personnel should contain?
    1. Prioritized list of contacts, that is who gets called first
    2. Primary and emergency telephone numbers and addresses for each critical contact person
    3. Both A&B
    4. None
  1. The methods of providing telecommunications continuity are:
    1. Alternative Routing
    2. Diverse Routing
    3. Long haul network diversity
    4. All of the above
  1. Redundant Array of Inexpensive Disk (RAID) – provides performance improvements and fault-tolerant capabilities via hardware or software solutions, onto which a series of multiple disks are written to improve performance and save large files simultaneously.
    1. The above is correct
    2. The above is incorrect
  1. Fault-tolerant server –
    1. Provide for fail-safe redundancy through mirrored images of the primary server.
    2. It entails distributed processing of a server load
    3. Both A&B
    4. None
  1. Which of the following tasks the Recovery/Continuity Plan test should strive to accomplish?
    1. Verify the completeness and precision of the business continuity plan
    2. Evaluate the performance of the personnel involved in the exercise
    3. Appraise the training and awareness of non-business continuity team members
    4. All of the above

  1. Plans and strategies for business continuity should be reviewed and updated on a scheduled basis to reflect continuing recognition of changing requirements. This is based on:
    1. A strategy that is appropriate at one point-in-time may not be adequate as the needs of the organization change
    2. New applications may be developed or acquired
    3. Changes in business strategy may alter the significance of critical applications or deem additional applications as critical
    4. All of the above
  1. The responsibility for maintaining the business continuity plan often falls on the business continuity plan coordinator. Specific plan maintenance responsibilities include:
    1. Review of revisions and comments and updating the plan within 30 days of the review date
    2. Updating the notification directory of all personnel changes including phone numbers, responsibilities or status within the company
    3. Both A&B
    4. None
  1. Controls over the off-site library include:
    1. Securing physical access to library contents
    2. Locating the library away from the computer room
    3. Ensuring that a perpetual inventory of all storage media and files stored in the library is maintained
    4. All of the above
  1. Considerations for establishing file backup schedules include:
    1. Real-time files require special backup techniques such as duplicating logging of transactions, use of before and after images of master records etc.
    2. Data Base Management Systems (DBMS) require specialized backup, usually provided as an integral feature of the DBMS
    3. Both A&B
    4. None
  1. When reviewing the developed plan, IS auditor should verify that basic elements of a well-developed plan are evident:
    1. Obtain a current copy of the business continuity plan or manual
    2. Sample the distributed copies of the manual and verify that they are current
    3. Determine if all critical applications have been identified
    4. All of the above
  1. Even with a well-planned backup strategy some___________ may be required.
    1. Information
    2. Quantification
    3. Re-inputting
    4. Re-implementation
  1. The IS auditor evaluates the off-site storage facility by gathering following information:
      1. Data files
      2. Applications software
      3. Applications documentation
      4. Systems software, systems documentation
      5. Operations documentation
    1. (I) (III) and (v) only
    2. (II) (III) and (IV) only
    3. None
    4. All of the above
  1. Which of the following findings is of the highest concern during the audit of a business continuity plan?
    1. There is no insurance for the addition of assets during the year
    2. The business continuity plan manual is not updated on a regular basis
    3. Testing of the backup of data has not been done regularly
    4. None

—More to come soon—

Read more
Read more
Read more

Leave a Reply

Sign up for Free MCQs

Success is awaiting for you


MCQsClub login

Welcome to the Club

Log in to continue. IT'S FREE


By continuing, you agree to MCQs CLUB’s Terms of Service and acknowledge you’ve read our Privacy Policy