
Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.


Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.


Information Systems Operations and Business Resilience

Practice CISA Information Systems Operations and Business Resilience questions with full explanations on every answer.


All CISA Information Systems Operations and Business Resilience questions (72)


1

An organization experiences a critical system failure during non-business hours. The IT team discovers that the last full backup was 48 hours ago, and the incremental backups for the past 24 hours are corrupted. The recovery time objective (RTO) for this system is 4 hours, and the recovery point objective (RPO) is 1 hour. Which of the following is the MOST immediate concern?

2

An IT auditor is reviewing the business continuity plan (BCP) for a financial services firm. The plan includes a hot site that is shared with another organization under a reciprocal agreement. Which of the following findings should be of MOST concern to the auditor?

3

A company is designing its backup strategy for a critical database that must be available 24/7. The database experiences high transaction volumes. Which backup method minimizes data loss while allowing continuous operations?

4

During an incident response exercise, the IT team discovers that the failover to the disaster recovery (DR) site failed because the DR site's storage area network (SAN) was not zoned correctly for the replicated data. Which of the following controls would BEST prevent this issue?

5

A company's backup policy requires that backup tapes be stored offsite for at least one year. During an audit, the auditor finds that the offsite storage facility is not access-controlled and backup tapes are not encrypted. Which of the following is the auditor's BEST recommendation?

6

An organization is implementing a business continuity plan (BCP). Which of the following is the PRIMARY purpose of conducting a business impact analysis (BIA)?

7

Which TWO of the following are essential components of an effective incident response plan? (Select exactly 2.)

8

Which THREE of the following are key metrics to include in a disaster recovery test report? (Select exactly 3.)

9

An administrator sees the above error after a failed backup job. What is the MOST likely cause?

10

An organization has configured HSRP as shown. During a failover test, the primary router (G0/1) is shut down, but the DR site router does not become active. What is the MOST likely reason?

11

A multinational corporation operates an e-commerce platform hosted in a private cloud environment. The platform consists of web servers, application servers, and a database cluster. The database cluster uses synchronous replication across two data centers (Primary and DR) located 500 km apart. The recovery time objective (RTO) for the platform is 2 hours, and the recovery point objective (RPO) is 15 minutes. During a recent disaster simulation, the primary data center lost power completely. The IT team initiated failover to the DR site. However, the failover process took 3 hours due to a misconfiguration in the DNS failover scripts, and the database was found to be inconsistent because the replication link was broken 30 minutes before the power loss. The team had to restore from a backup that was 4 hours old. After the incident, management requests a review of the disaster recovery plan. Which of the following is the BEST course of action to address the issues identified?

12

An organization is implementing a backup strategy for its critical database. The database is updated continuously during business hours, and the recovery point objective (RPO) is 15 minutes. Which backup method should be used to meet the RPO while minimizing backup storage and performance impact?

13

Based on the backup logs, the backup administrator notices that the incremental backup job failed due to insufficient storage. Which TWO actions should the administrator take to resolve the immediate issue and prevent recurrence?

14

An online retail company runs its e-commerce platform on a virtualized infrastructure with 50 virtual servers. The platform experiences intermittent slowdowns during peak hours, and recent monitoring reports show that disk I/O latency on the storage area network (SAN) frequently exceeds 50 ms during these periods. The SAN has two fabric switches and a single storage array with 12 TB of usable capacity, currently at 80% utilization. The company’s disaster recovery plan requires a recovery point objective (RPO) of 1 hour and a recovery time objective (RTO) of 4 hours for the e-commerce platform. During a recent test failover to the disaster recovery site, the IT team discovered that the replication link between the primary and DR sites is saturated, causing replication lag of up to 3 hours. The team also noted that the DR site storage has only 6 TB of usable capacity, now at 60% utilization. The IT manager is concerned about meeting the RPO and RTO. Which course of action should the IT team take first?

15

Arrange the steps to implement a patch management process in the correct order.

16

Order the steps for conducting a business impact analysis (BIA) in the correct sequence.

17

Match each disaster recovery site type to its description.

18

Match each testing technique to its description.

19

An organization's online transaction processing system experienced a sudden performance degradation. The database administrator checked system resources and found excessive I/O wait time on the storage subsystem. Which of the following is the MOST likely root cause?

20

A multinational corporation has implemented a hot site disaster recovery solution for its critical financial applications. Which of the following is the MOST important consideration to ensure the effectiveness of the hot site?

21

During an IT audit, the auditor finds that a system administrator has local administrator rights on multiple production servers and uses a shared service account for routine maintenance. What is the PRIMARY risk associated with this practice?

22

A company's IT service desk receives multiple reports of users being unable to access a cloud-based CRM system. The network team confirms that internet connectivity is working. Which of the following should be the FIRST step in troubleshooting the issue?

23

An organization is evaluating its business continuity plan (BCP) for a critical application with a recovery time objective (RTO) of 4 hours and a recovery point objective (RPO) of 1 hour. The current backup strategy involves daily full backups and hourly transaction log backups. Which of the following is the MOST significant risk?

24

Which of the following is the BEST indicator that an organization's incident management process is effective?

25

An IT auditor is reviewing the change management process for a financial application. The auditor finds that emergency changes are frequently implemented without post-implementation review. What is the MOST significant risk?

26

A large enterprise is implementing a backup strategy for a critical database that requires an RTO of 2 hours and an RPO of 15 minutes. The database is 2 TB in size. Which backup method would BEST meet these requirements while minimizing storage costs?

27

Which of the following is the PRIMARY purpose of a business impact analysis (BIA) in business continuity planning?

28

Which TWO of the following are key elements of an effective incident response plan? (Select exactly 2.)

29

Which TWO of the following are primary objectives of capacity management? (Select exactly 2.)

30

Which THREE of the following are common challenges when implementing a bring-your-own-device (BYOD) policy that affect information systems operations? (Select exactly 3.)

31

Refer to the exhibit. An IT operator receives this error message from an automated backup job. What is the MOST likely cause of this failure?

32

Refer to the exhibit. An auditor reviews the log shipping configuration for a critical database. Based on the information provided, what is the MOST significant finding?

33

Refer to the exhibit. An auditor reviews the security log of a sensitive server. Which of the following is the MOST suspicious event?

34

An organization's backup strategy involves weekly full backups and daily incremental backups. After a system failure, the restoration takes longer than expected. What is the most likely cause?

35

An IT manager notices that the CPU utilization of a critical server consistently exceeds 90% during peak hours. Which is the BEST course of action?

36

During an audit, the IS auditor finds that the business continuity plan (BCP) was last updated two years ago and does not include new cloud-based applications. The organization has not conducted a BCP test in 18 months. What should the auditor recommend FIRST?

37

A company's backup policy requires that backup media be stored offsite. Which of the following is the PRIMARY reason for this requirement?

38

An organization uses a hot site for disaster recovery. During a recent test, the hot site did not have the latest version of the application software. What is the MOST likely cause?

39

An IS auditor is reviewing the incident management process. The organization has a policy that all security incidents must be reported within one hour. However, the average reporting time is four hours. Which is the BEST corrective action?

40

Which of the following is the PRIMARY objective of an operational audit?

41

A database administrator accidentally deleted a critical table. The last full backup was taken 24 hours ago, and transaction logs are archived every 15 minutes. Which recovery method will minimize data loss?

42

An organization's business continuity plan includes a reciprocal agreement with another company. What is the PRIMARY risk of this arrangement?

43

Which is the MOST likely cause?

44

Given this configuration, which is the PRIMARY concern?

45

Which control failure is MOST significant?

46

Which TWO of the following are essential components of a disaster recovery plan (DRP)?

47

Which TWO of the following are key performance indicators (KPIs) for IT operations?

48

Which THREE of the following are common techniques for ensuring business resilience?

49

A company is experiencing frequent server crashes due to memory leaks. The operations team has implemented a monitoring solution. Which of the following is the BEST indicator to trigger an automated failover to a standby server?

50

During a disaster recovery test, the recovery time objective (RTO) for a critical application was not met. Which of the following is the MOST likely cause?

51

An organization implemented a business continuity plan (BCP) that includes manual workarounds. Which of the following is the PRIMARY risk of relying on manual processes during a disruption?

52

A company's backup policy requires daily full backups to tape and offsite storage. After a ransomware attack, the IT team discovers that the latest backup set is corrupted. Which of the following controls would have BEST prevented this?

53

An IS auditor is reviewing the change management process for a financial application. Which of the following findings would be of MOST concern?

54

A multinational corporation is designing its disaster recovery strategy to meet a recovery point objective (RPO) of 15 minutes for its critical database. Which replication method is MOST appropriate?

55

During an incident, the IT team identifies that a critical patch was not applied due to an expired software maintenance contract. Which of the following is the BEST long-term remediation?

56

An organization wants to ensure that its backup tapes are protected from unauthorized access. Which of the following is the MOST effective control?

57

An organization is implementing a business continuity plan (BCP) and needs to determine the maximum acceptable downtime for a critical system. Which metric should be defined FIRST?

58

An IS auditor is evaluating the effectiveness of a backup strategy for a critical database. Which TWO of the following are essential controls to ensure data recoverability?

59

A company is updating its business continuity plan (BCP). Which THREE of the following should be included as key components?

60

During a disaster recovery test, the team discovers that the backup server is unable to restore data because of incompatible software versions. Which TWO controls should have been implemented to prevent this?

61

Refer to the exhibit. An IS auditor reviewing backup logs notices this error. Which of the following is the MOST likely root cause?

62

Refer to the exhibit. During a security audit, an IS analyst identifies that a critical business application hosted on 192.168.1.100:443 is unreachable from the 10.0.1.0/24 subnet. Which of the following is the MOST likely cause?

63

A multinational organization operates a critical ERP system on a virtualized infrastructure across two data centers (primary and DR). The primary data center is located in Region A, and the DR site in Region B, 500 km away. The ERP database is 2 TB and changes at an average rate of 10 MB per second. The organization uses synchronous replication between the two sites over a dedicated 10 Gbps WAN link. During a recent disaster simulation, the IT team observed that the replication link experienced 15 ms latency, causing the primary database to slow down significantly under peak load, ultimately missing the defined RTO of 4 hours for full failover. The business has an RPO of 15 minutes. The CISO asks the IS auditor to recommend a solution that balances cost and performance while meeting both RTO and RPO. Which of the following is the BEST course of action?

64

A multinational corporation is implementing a disaster recovery plan for its critical financial systems. The plan includes off-site backups and redundant hardware. During a recent test, the recovery time objective (RTO) was met, but the recovery point objective (RPO) was exceeded by 30 minutes due to delayed data replication. Which of the following is the BEST action to address this issue?

65

An organization is evaluating its business continuity plan (BCP) to ensure alignment with the IT disaster recovery plan. Which TWO of the following are critical elements that should be included in the BCP to support effective business resilience?

66

A medium-sized retail company relies on an ERP system for order processing and inventory management. The system is hosted on-premises with daily backups stored on tape. The company's business continuity plan specifies an RTO of 4 hours and an RPO of 1 hour for the ERP system. During a recent fire drill, it was discovered that restoring the ERP system from tape took over 6 hours, and the most recent backup was from the previous day. Which of the following is the BEST course of action to meet the RTO and RPO goals?

67

A financial institution operates a critical payment processing system that must maintain 99.999% availability. The system is deployed across two data centers in active-active mode with load balancing. During a routine maintenance window, a network misconfiguration caused all traffic to be directed to one data center, which then became overloaded and crashed, resulting in 30 minutes of downtime. The incident response team wants to prevent recurrence. Which of the following is the BEST action?

68

A healthcare organization is required to comply with HIPAA regulations for data backup and disaster recovery. They operate a primary data center and a colocation facility for disaster recovery. The current backup strategy involves nightly full backups to tape, which are stored off-site monthly. The recovery time for the electronic health record (EHR) system is estimated at 8 hours, but the RTO required by the business is 2 hours. Additionally, the RPO requirement is 15 minutes. The IT manager proposes implementing a continuous data protection (CDP) solution. However, the CFO is concerned about the cost. Which of the following is the BEST argument to justify the CDP investment?

69

A small e-commerce company uses a cloud-based e-commerce platform with automatic scaling. The company's business continuity plan relies on the cloud provider's promise of 99.99% uptime. During a regional outage affecting the cloud provider's primary availability zone, the company's website became unavailable for 2 hours, resulting in lost sales. The IT manager wants to improve resilience. Which of the following is the BEST action?

70

Which TWO of the following are primary objectives of a business continuity plan (BCP)?

71

Refer to the exhibit. Which of the following is the most significant risk associated with the backup policy for critical data?

72

A medium-sized financial services firm recently suffered a ransomware attack that encrypted critical servers and backups. The recovery process took three weeks because the backup tapes were stored in the same building (which was also infected) and the backup software had a vulnerability that allowed the ransomware to delete old backups. The firm's BCP did not account for simultaneous loss of primary and secondary data. As the IS auditor, you are asked to recommend the most effective improvement to the backup strategy to prevent recurrence and improve resilience. Which of the following actions should the firm implement?


Frequently asked questions

What does the Information Systems Operations and Business Resilience domain cover on the CISA exam?

The Information Systems Operations and Business Resilience domain covers the key concepts tested in this area of the CISA exam blueprint published by ISACA. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all CISA domains — no account required.

How many Information Systems Operations and Business Resilience questions are in the CISA question bank?

The Courseiva CISA question bank contains 72 questions in the Information Systems Operations and Business Resilience domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Information Systems Operations and Business Resilience for CISA?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Information Systems Operations and Business Resilience questions for CISA?

Yes — the session launcher on this page draws questions exclusively from the Information Systems Operations and Business Resilience domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
